mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com Open in urlscan Pro
3.130.242.255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Submission: On June 16 via api (June 16th 2024, 3:18:38 am UTC) from US — Scanned from US

Summary HTTP 302 Redirects Links 94 Behaviour Indicators

Summary

This website contacted 82 IPs in 2 countries across 54 domains to perform 302 HTTP transactions. The main IP is 3.130.242.255, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 24th 2023. Valid for: a year.

This is the only time mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	3.130.242.255 3.130.242.255	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:440... 2606:4700:4400::6812:2894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.238.49.67 18.238.49.67	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	2600:9000:24f... 2600:9000:24f1:800:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	34.171.47.125 34.171.47.125	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	18.238.49.105 18.238.49.105	16509 (AMAZON-02) (AMAZON-02)
2	52.85.61.120 52.85.61.120	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1	23.56.163.191 23.56.163.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	18.238.49.62 18.238.49.62	16509 (AMAZON-02) (AMAZON-02)
25	2606:4700:10:... 2606:4700:10::6816:a40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
5	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::9b	15169 (GOOGLE) (GOOGLE)
3	142.250.72.100 142.250.72.100	15169 (GOOGLE) (GOOGLE)
2 18	54.83.235.193 54.83.235.193	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:23c... 2600:9000:23ca:e000:3:9dfe:0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	3.5.132.192 3.5.132.192	16509 (AMAZON-02) (AMAZON-02)
1	18.210.213.167 18.210.213.167	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:26f... 2600:9000:26fa:dc00:18:a82e:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26f... 2600:9000:26fa:5200:f:c7b3:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	108.138.106.50 108.138.106.50	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.139.29.122 108.139.29.122	16509 (AMAZON-02) (AMAZON-02)
1	35.153.26.62 35.153.26.62	14618 (AMAZON-AES) (AMAZON-AES)
3	18.173.219.5 18.173.219.5	16509 (AMAZON-02) (AMAZON-02)
2	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.82.243.165 54.82.243.165	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266a:3c00:e:8add:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.164.124.24 18.164.124.24	16509 (AMAZON-02) (AMAZON-02)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:26f... 2600:9000:26fa:200:f:c7b3:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.65.200 142.250.65.200	15169 (GOOGLE) (GOOGLE)
1	44.208.97.87 44.208.97.87	14618 (AMAZON-AES) (AMAZON-AES)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.107.165.188 34.107.165.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.106.33 108.138.106.33	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:26f... 2600:9000:26fa:a400:8:4487:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::2006	15169 (GOOGLE) (GOOGLE)
1	108.138.106.70 108.138.106.70	16509 (AMAZON-02) (AMAZON-02)
8	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
1	23.201.174.84 23.201.174.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.56.163.14 23.56.163.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.47.170.102 23.47.170.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	52.32.228.149 52.32.228.149	16509 (AMAZON-02) (AMAZON-02)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 2	23.105.14.106 23.105.14.106	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
4	3.23.7.186 3.23.7.186	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	208.70.69.156 208.70.69.156	21858 (ASCENT-DA...) (ASCENT-DATA-LLC)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
302	82

34 3.130.242.255 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-242-255.us-east-2.compute.amazonaws.com

mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.49.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-67.jfk52.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:800:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.171.47.125 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 125.47.171.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-105.jfk52.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-120.ewr53.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

fastly-cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.163.191 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-191.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-62.jfk52.r.cloudfront.net

measure.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:10::6816:a40 (United States)

ASN13335 (CLOUDFLARENET, US)

files.triblive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-varnish.triblive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.83.235.193 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-235-193.compute-1.amazonaws.com

www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
get.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:e000:3:9dfe:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.sided.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.5.132.192 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

search-module.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.213.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-213-167.compute-1.amazonaws.com

web.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:26fa:dc00:18:a82e:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

discovery.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26fa:5200:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2zqfs55y95cft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.106.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-50.jfk50.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-122.jfk50.r.cloudfront.net

cdn.sided.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.26.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-26-62.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.219.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-5.jfk52.r.cloudfront.net

discovery.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.82.243.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-243-165.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:3c00:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.124.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-24.jfk50.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:26fa:200:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.97.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-97-87.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-33.jfk50.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26fa:a400:8:4487:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.mktg.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-70.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual-analytics.wunderkind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.174.84 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-174-84.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.163.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-14.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.117 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.32.228.149 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-228-149.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.14.106 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.106.rdns.racklot.com

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.23.7.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-7-186.us-east-2.compute.amazonaws.com

ckxj10om5j.execute-api.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.70.69.156 (Coal Center, United States)

ASN21858 (ASCENT-DATA-LLC, US)
PTR: cdn.mesearch.ai

mesearch.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	elasticbeanstalk.com mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com	2 MB
29	civicscience.com 2 redirects www.civicscience.com — Cisco Umbrella Rank: 5597 get.civicscience.com — Cisco Umbrella Rank: 17550 cdn.civicscience.com — Cisco Umbrella Rank: 7267	74 KB
28	googlesyndication.com 803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 tpc.googlesyndication.com — Cisco Umbrella Rank: 172	487 KB
25	triblive.com files.triblive.com — Cisco Umbrella Rank: 456380 assets-varnish.triblive.com — Cisco Umbrella Rank: 126173	1 MB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	181 KB
14	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1783 a.ad.gt — Cisco Umbrella Rank: 1995 p.ad.gt — Cisco Umbrella Rank: 2229 ids.ad.gt — Cisco Umbrella Rank: 1762 pixels.ad.gt — Cisco Umbrella Rank: 2151 seg.ad.gt — Cisco Umbrella Rank: 3273	24 KB
13	evvnt.com discovery.evvnt.com — Cisco Umbrella Rank: 35557 cdn.prod.mktg.evvnt.com — Cisco Umbrella Rank: 40403	377 KB
12	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 15513 embedcdn.sendtonews.com — Cisco Umbrella Rank: 17123 s2l.sendtonews.com — Cisco Umbrella Rank: 15393 player.sendtonews.com — Cisco Umbrella Rank: 19042	447 KB
12	cloudfront.net d2zqfs55y95cft.cloudfront.net d29xw9s9x32j3w.cloudfront.net	540 KB
10	amazonaws.com search-module.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 202741 ckxj10om5j.execute-api.us-east-2.amazonaws.com — Cisco Umbrella Rank: 179345	176 KB
10	bounceexchange.com tag.bounceexchange.com — Cisco Umbrella Rank: 5010 assets.bounceexchange.com — Cisco Umbrella Rank: 2833 api.bounceexchange.com — Cisco Umbrella Rank: 3118	174 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	551 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 457 fonts.googleapis.com — Cisco Umbrella Rank: 77 imasdk.googleapis.com — Cisco Umbrella Rank: 538	173 KB
6	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 9481	114 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 171 www.google.com — Cisco Umbrella Rank: 5	127 B
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 135
5	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1419 match.adsrvr.org — Cisco Umbrella Rank: 415 insight.adsrvr.org — Cisco Umbrella Rank: 1061	7 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
4	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 2604	490 B
4	gstatic.com fonts.gstatic.com	191 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 351 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 733	82 KB
4	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1470 lexicon.33across.com — Cisco Umbrella Rank: 1767	13 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 515	1 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1659 mab.chartbeat.com — Cisco Umbrella Rank: 2982	26 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 3171	73 KB
2	mesearch.ai mesearch.ai — Cisco Umbrella Rank: 194361	91 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1512	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 522	2 KB
2	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 666 token.rubiconproject.com — Cisco Umbrella Rank: 509	695 B
2	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 601 image2.pubmatic.com — Cisco Umbrella Rank: 1064	262 B
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2062	23 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	25 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 756	12 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2557	229 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	sided.co cdn.sided.co — Cisco Umbrella Rank: 71525	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	74 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 35597 cdn.firstimpression.io — Cisco Umbrella Rank: 33375	94 KB
2	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 35996 measure.analysis.fi — Cisco Umbrella Rank: 148369	2 KB
2	typenetwork.com cloud.typenetwork.com — Cisco Umbrella Rank: 55917 fastly-cloud.typenetwork.com — Cisco Umbrella Rank: 56547	27 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1389	443 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 523	99 B
1	wunderkind.co contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 4036	299 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1328	17 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 348	17 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1121	306 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 7983	300 B
1	mmvideocdn.com mp.mmvideocdn.com — Cisco Umbrella Rank: 12939	22 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1477	201 B
1	adblade.com web.adblade.com — Cisco Umbrella Rank: 117230	7 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2093	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 5197	449 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 333	31 KB
302	54

	Domain	Requested by
34	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com ajax.googleapis.com
24	assets-varnish.triblive.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
17	www.civicscience.com	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com get.civicscience.com tagan.adlightning.com www.civicscience.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com pagead2.googlesyndication.com imasdk.googleapis.com
11	cdn.civicscience.com	get.civicscience.com www.civicscience.com tagan.adlightning.com cdn.civicscience.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com tagan.adlightning.com
10	d29xw9s9x32j3w.cloudfront.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com embed.sendtonews.com
10	discovery.evvnt.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com discovery.evvnt.com tagan.adlightning.com
7	ids.ad.gt	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
6	assets.bounceexchange.com	tagan.adlightning.com assets.bounceexchange.com
6	embed.sendtonews.com	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com embed.sendtonews.com
6	search-module.s3.us-east-2.amazonaws.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
6	www.googletagmanager.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com www.googletagmanager.com p.ad.gt
6	cookie-cdn.cookiepro.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com cookie-cdn.cookiepro.com
5	www.googleadservices.com	pagead2.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com p.ad.gt
4	ckxj10om5j.execute-api.us-east-2.amazonaws.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com search-module.s3.us-east-2.amazonaws.com
4	events.bouncex.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
4	fonts.gstatic.com	fonts.googleapis.com
4	s2l.sendtonews.com	embed.sendtonews.com
3	pixel.tapad.com	3 redirects
3	api.bounceexchange.com	tagan.adlightning.com
3	cdn.prod.mktg.evvnt.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
3	fonts.googleapis.com	embed.sendtonews.com cdn.civicscience.com
3	www.google.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com tagan.adlightning.com
3	tagan.adlightning.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com tagan.adlightning.com
2	mesearch.ai	search-module.s3.us-east-2.amazonaws.com
2	sync.smartadserver.com	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	cm.g.doubleclick.net	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	lexicon.33across.com	1 redirects mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	cdn.hadronid.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com a.ad.gt
2	cdn-ima.33across.com	tagan.adlightning.com mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	imasdk.googleapis.com	tagan.adlightning.com
2	cdnjs.cloudflare.com	tagan.adlightning.com embed.sendtonews.com
2	js-sec.indexww.com	tagan.adlightning.com
2	api.ipify.org	ajax.googleapis.com
2	www.facebook.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	d2zqfs55y95cft.cloudfront.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
2	cdn.sided.co	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com cdn.sided.co
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com connect.facebook.net
2	static.chartbeat.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	insight.adsrvr.org	tagan.adlightning.com
1	seg.ad.gt	p.ad.gt
1	pixels.ad.gt	p.ad.gt
1	d.turn.com	1 redirects
1	sync.1rx.io	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	token.rubiconproject.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	image2.pubmatic.com	1 redirects
1	p.ad.gt	a.ad.gt
1	contextual-analytics.wunderkind.co	ajax.googleapis.com
1	eus.rubiconproject.com	tagan.adlightning.com
1	ads.pubmatic.com	tagan.adlightning.com
1	secure.cdn.fastclick.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	s0.2mdn.net	imasdk.googleapis.com
1	player.sendtonews.com	embed.sendtonews.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	mp.mmvideocdn.com	embed.sendtonews.com
1	ping.chartbeat.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	embedcdn.sendtonews.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	get.civicscience.com	1 redirects
1	web.adblade.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	files.triblive.com	securepubads.g.doubleclick.net
1	measure.analysis.fi	ecdn.analysis.fi
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	mab.chartbeat.com	static.chartbeat.com
1	widgets.outbrain.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	ad.doubleclick.net	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fastly-cloud.typenetwork.com	cloud.typenetwork.com
1	ecdn.firstimpression.io	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	ecdn.analysis.fi	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	tag.simpli.fi	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	ajax.googleapis.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	cloud.typenetwork.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	tag.bounceexchange.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
1	www.googletagservices.com	mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
302	89

This site contains links to these domains. Also see Links.

Domain
www.tribliveoffers.com
signup.triblive.com
mediakit.triblive.com
classifieds.triblive.com
jobs.triblive.com
e.triblive.com
tribhssn.triblive.com
triblive.com
adclick.g.doubleclick.net
community.triblive.com
podcast.triblive.com
video.triblive.com
obituaries.triblive.com
www.legacy.com
www.facebook.com
twitter.com
instagram.com
pittsburghpennysaver.com
tribtotalmedia.com
advertisers.triblive.com
www.instagram.com
www.linkedin.com
apps.apple.com
play.google.com
bestofthebest.triblive.com
contests.triblive.com
realestate.triblive.com
cookiepedia.co.uk
www.cookiepro.com
onetrust.com

Subject Issuer	Validity	Valid
*.triblive.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-05`	a year	crt.sh
cookiepro.com E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
tag.bounceexchange.com R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
cloud.typenetwork.com R10	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
analysis.fi Amazon RSA 2048 M01	`2023-10-04` - `2024-10-31`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2023-11-28` - `2024-12-05`	a year	crt.sh
fastly-cloud.typenetwork.com R11	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-25` - `2024-06-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.civicscience.com Amazon RSA 2048 M03	`2024-03-05` - `2025-04-03`	a year	crt.sh
sided.co Amazon RSA 2048 M03	`2024-01-02` - `2025-01-29`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
adblade.com Amazon RSA 2048 M02	`2024-02-16` - `2025-03-16`	a year	crt.sh
discovery.evvnt.com Amazon RSA 2048 M02	`2024-02-12` - `2025-03-11`	a year	crt.sh
ipify.org GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
assets.bounceexchange.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2023-10-22` - `2024-11-19`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M02	`2024-03-18` - `2025-04-15`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
mp.mmvideocdn.com Amazon RSA 2048 M02	`2024-03-27` - `2025-04-25`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cdn.prod.mktg.evvnt.com Amazon RSA 2048 M02	`2024-05-07` - `2025-06-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.wunderkind.co R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
id.hadron.ad.gt E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
a.ad.gt E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2023-07-18` - `2024-06-28`	a year	crt.sh
*.execute-api.us-east-2.amazonaws.com Amazon RSA 2048 M02	`2024-05-01` - `2025-05-30`	a year	crt.sh
pixels.ad.gt E1	`2024-05-10` - `2024-08-08`	3 months	crt.sh
seg.ad.gt E1	`2024-05-10` - `2024-08-08`	3 months	crt.sh
mesearch.ai Sectigo RSA Domain Validation Secure Server CA	`2024-05-01` - `2025-05-08`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Frame ID: 63A089C54EB741BB702CD4A9AAB088D0
Requests: 211 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7310430E4C6876E0F73E877DF413533E
Requests: 1 HTTP requests in this frame

Frame: https://803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C17170D9CC3EE7118B15FFF920648E8C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIOi_WlxjTfn8Grm3hFUKh1cOUuA2VUCKr7SBMREYT8SfcNk1cSGX4fKHvr9GJZGL4j0gaJE57q11KthcM8nnobFOMf-ks2n_cmce5746kPhbariYe4U4DacL-aNG6Ou6dEwcktBxS0jrA_wr_RuNCg3ppDMCUDM34q8nl1y_mpm1zyhBbn2axrqJ9yJ-4lopDT5cWtzMHPrTWvdAXxeRbsoIrxeq3cZdSrtvzpwSkp852z5ispOxufC1O6gpyxkrEP6qy6n6Az2isHkKfJrTblQOBNVn5S7P-TuzVSX6mIDBifRm07GX5uYe7PoQnN4KpJl3B6b9GFgl1ygwy6olvIFn63orNNiFe9PmX36HYt6UCWgte9-vXm3c3qcBNCrUQ5dP5HwWGuhsuRk03_g&sai=AMfl-YQY1AaCQpOpm25ywKSzRhYNZF6b5GfzBHpqKVixRIMz6K5mDBg13XjY8f5U3cGwsYQ_l3Q-c0hrzavvA-LQWYc4b0IMTNkryT-Jd9viCVx1yRIuF45U61tVxd9fbD-9i9egTotyuZNGbSV00RoOd5c&sig=Cg0ArKJSzM9USAFG8At0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D94DD5C80732AC48AC23BB235024F0B8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ8TsLH_hB6bYwBO53FHs40l4DFx3qv442e-IKct3Y6NnulTV_S17PmRNT3cpPosKQBSn4fY0odGx0zgGEmVOTL8FVDZEp8EZJ3ivRniqJa_dTypbKt7TXhQzTJtDRQR9l-9wv7fgIFRkjRPdokBt3N12VIhCZfi5-w_m1KBAmlzqCWVfv7Dr9j3jDYOedRhAOG_eHVHC_l4mNkGYJHiOLXw92fd2fAlwR01nq41pEW8ogwnPeIs4MajCTZdrljinqB1xjmNVgyuQMzKgsk1mqQIS9Q9k7v9u5wWpoPAwB2VwZEMwCpouErN6TwARHHT58aRwUPQxyd3nFZ2fa0M9CxN0E3DQtueQvwNsuIPoh-wrA3RoPOt6a8r6OFj2DUtfOKAc8tpzstgqUkzM7bIvCe6UkZ_HP2jXkoVsN6iiWVGO8OBk8EI1tQD7gEfwawA&sai=AMfl-YREuJjeYI_sglegWnHqRxjBcCOya3ppSFIEOepvK1uK0Bz1TmtmZOOZGcFxGq8X2To5L3rtgqI5fXlZ15XvkYxY4yWbQGNN8w0a8I5aDGFLsvO5DqcMdTs77aWqWAMj_kOe8QZazRnPu1dmHF1HOMQ&sig=Cg0ArKJSzCpK8X3CwlvrEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D26E1FCFD0F4912656DAFD82C4A1F255
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTmwpkO_WS2UKc-T276RoiOuamk4vDqWJwheJzY4inZOsZ0kgtORCqLUQvymauH_cNEOBY1uNvmCx_1bgWmLtqrbk4siI7K2ij7JY3G1PDGeBHv6fs6B60jxK5cR-CM402UgCYha3NFGPcqwgSp4e9X8H5LVSakGzN16NVYOI-5sAPVo8ai5RH4K991x7FIhUujMYSdKyGU5JenlxpkbVjuqGskCC_xekzjc6MYfKSQ__33UXMGvabZT6eQ9UXVI5V2d-MlsCwaDaQgm3qUE8PklFEHPJ6mvyFZYwjJlzo0b9qEYC_I24GyN0JDTbu1xt_TzLPtfp0U_618WqJZ4bdopBtjBrfrdQpEWw0gNd5bzo_3QLTZjlLFbHa9JcOJr5IIqPtAVI3zWR6QXxtGSthYxHjI6CrWeuSBZCj2PNhpluSAR0K72RDh1w&sai=AMfl-YSouhuHAK0DqjPfAcDjIPDAuekBP_r1t6tCKw-AlHFCfvUfY7X5l9YHt6X8uBLIev9NHmyF1SMFZ8McNSkSMnLJ9J39ajAL7WXB9kCDCMARu-mvWpiQo_1lwq8GADlcp6TIuyKmov3dGfjMEvvoFm8&sig=Cg0ArKJSzCTR17vzItqjEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 162664A25B19B913B4DCFCD69CF2D97A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk6pXtBCqbFBuLePLpeSEdUXgkOp4OEQ6ELCoHJM5M_ns-CuaoAlNNoQ0bk2Qi48iVfH7c4beR0eePjgTjTi_DbzLtqdVJK72rU2pziCJbLTrPZ6zCd1irS1LWUVHbLDjsAuwmr2yKj2zvqTY286qoXloSbyEmIRk5Kt_JQ4x7j43nyeNnmBbXw0DKXZdjl9_PtPKwQn6h_e9GvLOK0C2ESkGhENZGO8cap9u7_hfhp0BNfvyUSqsEbWzDbHflNI7iLWJqVQVT6AqIyyhTB6OKMQmWyA2bEcxFYvuLMs7aW_exu6u_xh2cLNChGaRbAuIWKfQsqsZspGL2f5oUXBTvYhJMXAfNvT_l8RTrkHcgJsbWc7adDCIwE78qExMWpsoaILAso1vIxtvDV3ZUa5VuThk&sai=AMfl-YTIPdcC6EdcDgycTUdgYY9b0JVi4d6YOoTzb9CVou_uZbp9wy3Td6S2tqol3jM3XKHHOp_3wgF_oPHNJtx4ghFwpSpztDX7FnZaK_9rNYdxMx938eZV8LUwlEBy6cwPJuf0ZnUjo7BmJonPpUr72L8&sig=Cg0ArKJSzLpQ_CxzUpETEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3FF3C0415757474DF7F552AE500087F3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw5He1JdrBCnjkv6Xyl1uSTVDb4qb1c-bjaGKLtOVBWCurTIeggKysb15xqLaZ-I9R9V-eQBJiv5G_OfNI_eVmzq8jE5i1zWaJSrCrPFfAR6f-dRxWqUttt4Oj57PmCyaj8KPzcfFn_1wCTDf7oOsE_z14YDwgAn8VV1U6sEy09XLFOFPA2kJhx6g9tVpLnhp9cgbfZwRLsN6jOMDXun2UPpwsk5QAIw6p4S3E82gNe4hwE4pWwKRQMQQ_yohsN5MzKcTuCBF9FgtEk3lGX8N1dSDKJl-_7YbjT3cCUctQTpHeSxiN6HWEM_KcH0dNmdHF824uj5Al1r8TrImLObPBBTjEYs5dgkij3FBkmlI93B4dDj-yk54Vy01yhqFTeSXaqxJHC9F_UY5EUT_zWHUZw8s&sai=AMfl-YQfsUld5Plee6Fato8O3QwiqUdqumoZNuK14Ohexei5fBY3n-PVCCrGb5AUegJuDMIiVjEpLJBlglh6PI90yFnJHqS8Wm1wxijtFhn6-ZTmmCnnZpR-mBrAMIx_CIlvQLEgZG3Lwk3fGZXwz-AlvuY&sig=Cg0ArKJSzNnrxeb6r2wjEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FF2EBE93D15028C406BAEE7900DD1C34
Requests: 7 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: CB12F45373430DA5140CE9674B493F40
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 2977EC1F297A5B8F702CC7C8F2BB26A1
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 77A40F2D5358EB8BB4FEC5E8AAE67D01
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: FF5A6D2A9624E06930901DA4AFAAC42C
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: F96E6C1D9910E4BE2EE31DD5EABEF9C4
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 209E1128BF52E293A6A67CC44037452A
Requests: 31 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 7789869A32D8A083A942319B2F0A558F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html
Frame ID: 56ADD02ADEC628C7B40A0A8F68052405
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5CF3D571C9E59DF5F3474CA3F6686E98
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4F34774532B2FD8968FD3934117EAD50
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: B82CF4112119580A4645D5D86F61B2A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: 96A3177EBDD51900AEDC584181FA3FD8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Frame ID: B0BB1303604639450CAE0942201B0AEC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Frame ID: 9D33EDDA21337D99ED18037407CB0022
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&upid=f0zoguk&upv=1.1.0
Frame ID: EEC7FC992860FA13C03914A07A9E71C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 627C444C82DEB152B38D208DB89E5105
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 019506984CD92133EF9C64A4288D1B06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

302
Requests

84 %
HTTPS

35 %
IPv6

54
Domains

89
Subdomains

82
IPs

2
Countries

6895 kB
Transfer

14797 kB
Size

177
Cookies

94 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tribliveoffers.com/
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://signup.triblive.com/
Title: NEWSLETTERS

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/
Title: ADVERTISE

Search URL Search Domain Scan URL

URL: https://classifieds.triblive.com/
Title: CLASSIFIEDS

Search URL Search Domain Scan URL

URL: https://jobs.triblive.com/
Title: JOBS

Search URL Search Domain Scan URL

URL: https://e.triblive.com/
Title: E-TRIB

Search URL Search Domain Scan URL

URL: https://tribhssn.triblive.com/
Title: HIGH SCHOOL SPORTS NETWORK

Search URL Search Domain Scan URL

URL: https://triblive.com/community/
Title: TRIBLIVE LOCAL

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvsA5NCNg0M-Ni_yg-bRauyi_ZGv7sFuyKltHUBail0upyRkCokbI2RIDJZC_AzLLYy9oh5aHz7QnFFZCTrcMPtXvRhER-VVpi1XDV1iVyDcHkPp4ThhAuKe_Q1OqcxdDvvQyx1Iy3kCwXiCOIs-MmOBmvp4DM9iBvjFiM6qs6vWN0-eAPAehBGnxqGckAZKTMDvVe3q2SYSAz3YbzP-MWfCmpSWhynqRbZO3xtZ-hpnP9WJoJK_FX3bEtp86oS_dZfO5FJIs0jxkzRREylsyE7Wsy22YDsnwb88PQqyTdjzKorbSxNSBlzj2K2ZLIotUx5Lwd944EnRrqlLGld_DywhHNb5xBLsHMTn4FSOjEF9K3g3bpO4UKqEUoepIiEINVU1IDRQR2jonIUcsHxiqri&sai=AMfl-YQDiBoMk9t89GFLE7A5evdWzbO0o1n6GCCXvFkuuylQSmTcphinwL41eAMYWEd2ez76s6B6YqXSdE9cDFcCaQZlrLTnmfND3aMfgU8VM3NG-tGrYxcR93lBsq-zbzNaXT_3RBa5ABAPeEvKkFE_YhI&sig=Cg0ArKJSzIJb6BOi3u8NEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://www.bryerpaving.net/

Search URL Search Domain Scan URL

URL: https://community.triblive.com/
Title: Local

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/bethel-park-journal/
Title: Bethel Park Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/bridgeville-signal-item/
Title: Bridgeville Signal Item

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/fox-chapel-herald/
Title: Fox Chapel Herald

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/hampton-journal/
Title: Hampton Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/monroeville-times-express/
Title: Monroeville Times Express

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/murrysville-star/
Title: Murrysville Star

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/north-allegheny-journal/
Title: North Allegheny Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/north-hills-journal/
Title: North Hills Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/norwin-star/
Title: Norwin Star

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/penn-hills-progress/
Title: Penn Hills Progress

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/penn-trafford-star/
Title: Penn-Trafford Star

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/pine-creek-journal/
Title: Pine Creek Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/plum-advance-leader/
Title: Plum Advance Leader

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/sewickley-herald/
Title: Sewickley Herald

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/shaler-journal/
Title: Shaler Journal

Search URL Search Domain Scan URL

URL: https://community.triblive.com/c/south-hills-record/
Title: South Hills Record

Search URL Search Domain Scan URL

URL: https://triblive.com/sports/sports-columnists/tim-benz/
Title: Breakfast With Benz

Search URL Search Domain Scan URL

URL: https://podcast.triblive.com/
Title: Podcast Network

Search URL Search Domain Scan URL

URL: https://video.triblive.com/
Title: Video

Search URL Search Domain Scan URL

URL: https://obituaries.triblive.com/us/obituaries/triblive/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-tribune-review/today
Title: Tribune-Review

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/triblive-valley-news-dispatch/
Title: Valley News Dispatch

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-signal-item/browse
Title: Carnegie Signal Item

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-the-herald/browse
Title: Fox Chapel Herald

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-hampton-journal/browse
Title: Hampton Journal

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-times-express/browse
Title: Monroeville Times Express

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-murrysville-star/browse
Title: Murrysville Star

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-north-journal/browse
Title: North Journal

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-norwin-star/browse
Title: Norwin Star

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-penn-hills/browse
Title: Penn Hills Progress

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-penn-trafford-star/browse
Title: Penn-Trafford Star

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-pine-creek-journal/browse
Title: Pine Creek Journal

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-advance-leader/browse
Title: Plum Advance Leader

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-sewickley-herald/browse
Title: Sewickley Herald

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-shaler-journal/browse
Title: Shaler Journal

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-south-hills-record/browse
Title: South Hills Record

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/triblive-online-only/today
Title: Online Only

Search URL Search Domain Scan URL

URL: https://obituaries.triblive.com/obituaries/triblive/
Title: All Obituaries

Search URL Search Domain Scan URL

URL: https://www.facebook.com/triblive

Search URL Search Domain Scan URL

URL: https://twitter.com/TribLIVE

Search URL Search Domain Scan URL

URL: https://instagram.com/triblive/

Search URL Search Domain Scan URL

URL: https://pittsburghpennysaver.com/
Title: CLASSIFIEDS

Search URL Search Domain Scan URL

URL: https://triblive.com/local/western-pennsylvania-juneteenth-celebration-a-weekend-of-empowerment-and-joy/
Title: Western Pennsylvania Juneteenth Celebration a weekend of empowerment and joy

Search URL Search Domain Scan URL

URL: https://triblive.com/sports/nascars-cup-series-comes-to-iowa-but-its-not-same-track-drivers-remember/
Title: NASCAR's Cup Series comes to Iowa, but it's not same track drivers remember

Search URL Search Domain Scan URL

URL: https://triblive.com/sports/pirates-place-henry-davis-on-concussion-il-recall-jason-delay-to-serve-as-backup-catcher/
Title: Pirates place Henry Davis on concussion IL, recall Jason Delay to serve as backup catcher

Search URL Search Domain Scan URL

URL: https://triblive.com/local/valley-news-dispatch/aspinwall-to-start-posting-council-meeting-videos-online/
Title: Aspinwall to start posting council meeting videos online

Search URL Search Domain Scan URL

URL: https://triblive.com/local/valley-news-dispatch/fire-destroys-longtime-avonmore-bar/
Title: Fire destroys longtime Avonmore bar — the third one to burn in 6 years

Search URL Search Domain Scan URL

URL: https://triblive.com/sports/riverhounds-winless-streak-hits-6-with-loss-at-hartford/
Title: Riverhounds' winless streak hits 6 with loss at Hartford

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/about/who-we-are/
Title: About Us

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/advertising-services
Title: Advertise

Search URL Search Domain Scan URL

URL: https://tribtotalmedia.com/jobs/
Title: Career Opportunities

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/contact-us/
Title: Contact Advertising

Search URL Search Domain Scan URL

URL: https://triblive.com/news/contactus/
Title: Contact Newsroom

Search URL Search Domain Scan URL

URL: https://tribtotalmedia.com/subscriber-services/customer-feedback/
Title: Feedback

Search URL Search Domain Scan URL

URL: https://triblive.com/resource-center/
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://tribtotalmedia.com/triblive-scholarship-program/
Title: Scholarship Opportunities

Search URL Search Domain Scan URL

URL: https://triblive.com/opinion/send-a-letter/
Title: Send Letter to the Editor

Search URL Search Domain Scan URL

URL: https://tribtotalmedia.com/subscriber-services/
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://advertisers.triblive.com/onlineMagazines/
Title: eFeatures

Search URL Search Domain Scan URL

URL: https://www.instagram.com/triblive/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/triblive
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/marketing-minute/
Title: Marketing Minute

Search URL Search Domain Scan URL

URL: https://tribtotalmedia.com/tribune-review-store-and-other-retail-sales-locations/
Title: Store Locations

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/triblive-news-sports/id328217517
Title: TribLIVE App - App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tribtotalmedia.triblive&hl=en_US
Title: TribLIVE App - Google Play

Search URL Search Domain Scan URL

URL: https://triblive.com/aande/
Title: Arts & Entertainment

Search URL Search Domain Scan URL

URL: https://bestofthebest.triblive.com/
Title: Best of the Best

Search URL Search Domain Scan URL

URL: https://community.triblive.com/businesses/
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://triblive.com/circulars/
Title: Circulars

Search URL Search Domain Scan URL

URL: https://contests.triblive.com/
Title: Contests

Search URL Search Domain Scan URL

URL: https://triblive.com/news/coronavirus/
Title: Coronavirus

Search URL Search Domain Scan URL

URL: https://triblive.com/lifestyles/
Title: Lifestyles

Search URL Search Domain Scan URL

URL: https://triblive.com/local/
Title: Local

Search URL Search Domain Scan URL

URL: https://triblive.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://triblive.com/opinion/
Title: Opinion

Search URL Search Domain Scan URL

URL: https://mediakit.triblive.com/advertising-services/
Title: Our Publications

Search URL Search Domain Scan URL

URL: https://realestate.triblive.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://triblive.com/sports/
Title: Sports

Search URL Search Domain Scan URL

URL: https://triblive.com/news/weather/
Title: Weather

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Cookie Settings

Search URL Search Domain Scan URL

URL: https://triblive.com/termsofservice/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://get.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 109

https://embed.sendtonews.com/player3/embedcode.js?fk=vIM6lqgG&cid=6108&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.32.20/embed.js

Request Chain 156

https://www.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 245

https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0&b=1&g=cpyDI3GJmFkml6%2FzzDUVMbnnNFiOZZBdD3F9Z7nN3Fw%3D

Request Chain 258

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=1447797381590436190&gdpr=0

Request Chain 259

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001718507912-ZSL7TGKF-2QIV&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=73ded3fb-f278-44ca-b585-e3ed7a583ed1&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

Request Chain 260

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=B189D484-52ED-4153-9C61-F2C13B189207&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

Request Chain 262

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=762d2973-37f1-4ba8-a3a8-936295cb82a7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001718507912-ZSL7TGKF-2QIV%252526tapad_id%25253D762d2973-37f1-4ba8-a3a8-936295cb82a7%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=73ded3fb-f278-44ca-b585-e3ed7a583ed1&ttd_puid=762d2973-37f1-4ba8-a3a8-936295cb82a7%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001718507912-ZSL7TGKF-2QIV%2526tapad_id%253D762d2973-37f1-4ba8-a3a8-936295cb82a7%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&tapad_id=762d2973-37f1-4ba8-a3a8-936295cb82a7

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&google_gid=CAESEOrecNrDJveWXW9I8l2vZU8&google_cver=1&google_ula=450542624,0

Request Chain 264

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxODUwNzkxMi1aU0w3VEdLRi0yUUlW

Request Chain 266

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&sas_uid=[sas_uid]&gdpr=0&cklb=1

Request Chain 267

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=3826354025297189963&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

302 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/ 146 KB
146 KB 513ms
291ms Document
text/html 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 76bf244306d8cd21c0a92a27dff2d373982081082765133743ee5c52138f820f

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 03:18:27 GMT
link: <https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/>; rel=shortlink
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips

GET
H2 200 fp.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/functions/scripts/ 46 KB
46 KB 128ms
126ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/functions/scripts/fp.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: f562b156c87077217e04efb44c5d87ef05f9bbe800ec355a86c7d73686c9f44d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "b7e9-61acaa8161780"
content-length: 47081
content-type: application/javascript

GET
H2 200 ttmTools.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/functions/scripts/ 7 KB
8 KB 127ms
125ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/functions/scripts/ttmTools.js?ver=2024-06-15pm
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 4ee4c59b6a89d90dcd3ecd7ffe67f75c011409bc5732163dfe608284a36daef2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "1d4f-61acaa8161780"
content-length: 7503
content-type: application/javascript

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 135ms
51ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:27 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 14333
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 01:33:03 GMT
server: cloudflare
etag: 0x8DC804872C8CD68
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d6320ca-f01e-0055-20f8-b23b37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a71509579ab9-MIA
expires: Mon, 17 Jun 2024 03:18:27 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/triblive/ 14 KB
7 KB 396ms
62ms Script
application/javascript 18.238.49.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/triblive/op.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-67.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c13d04ce8a8ae9d5ef4e8f1f915b759ccc9646386a4f743d9b46528a6d818b7e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:09:04 GMT
content-encoding: gzip
via: 1.1 7933995c46b01504206ecd6d3dfa5d10.cloudfront.net (CloudFront)
x-amz-version-id: RCUxcQdK55hQ.pRnMGtYE890gCldYnR9
x-amz-cf-pop: JFK52-P3
age: 565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6666
x-amz-meta-git_commit: 904ac2d
last-modified: Sat, 15 Jun 2024 17:53:01 GMT
server: AmazonS3
etag: "3f765a36b788e55366cd4d9a89cafc4f"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: NrCNpzG77qL-y7mhS6jDvIuF-zP0ADrvU-6W_0s52JbIEQE3MFBnbA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
31 KB 296ms
134ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24cb81adf275f417b3171c20437dd23d50284758093dad74ab48dd71c95f60d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30767
x-xss-protection: 0
server: cafe
etag: 87 / 19890 / m202406110101 / config-hash: 2657906958883330822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 03:18:27 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/3398/ 6 KB
3 KB 351ms
34ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3398/i.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 86260408ac5824b944780a7997b9a938fabeb055171807f11ced8465d93ea41a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:17:23 GMT
content-encoding: gzip
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
age: 65
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2671
server: istio-envoy
etag: 38bb061814c145
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H2 200 smartbanner.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/ 3 KB
3 KB 134ms
134ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/smartbanner.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: a5a5e4b90634f91553bde7476a11e4f49ec83ae15f5be30304644b8b6b9202dc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "c9b-61acaa8161780"
content-length: 3227
content-type: text/css

GET
H2 200 story.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/ 5 KB
5 KB 115ms
112ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/story.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 0124b695c7c31d57d715eebe668e348a03ca1cb5cbb573fa1e79aa2ce6b3210d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "153c-61acaa8161780"
content-length: 5436
content-type: text/css

GET
H2 200 triblive.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/ 206 KB
206 KB 118ms
115ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/triblive.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 9baac1819a4feff56a27ebf6c019a035217c7738af8fd1515281e2b27c0769fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "33621-61acaa8161780"
content-length: 210465
content-type: text/css

GET
H2 200 mesearch.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/ 108 B
280 B 116ms
113ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/mesearch.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: c646ff7bcc2b746ff149c41b6495ee20edbe3398903ca6678f85e92486f6cfe8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "6c-61acaa8161780"
content-length: 108
content-type: text/css

GET
H2 200 trib-custom.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/ 23 KB
24 KB 181ms
179ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/css/trib-custom.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 6b7f5b25c667479eba0f35c8a6235fff3a8e30ca06aff6599e7f1818391db0fa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "5d55-61acaa8161780"
content-length: 23893
content-type: text/css

GET
H2 200 /
cloud.typenetwork.com/projects/367/fontface.css/ 1 KB
2 KB 116ms
32ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projects/367/fontface.css/

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25e755bb5c3beb124f7997f0026a6d3b072d99a07031293166a542ef0cfb3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Sun, 16 Jun 2024 03:18:27 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000321a354164d4a01f-00656a25c2-7a135a4e-nyc3c
age: 240569
x-envoy-upstream-healthchecked-cluster
x-cache: HIT
x-amz-meta-surrogate-control: max-age=604800
content-length: 1152
x-served-by: cache-mia-kmia1760031-MIA
last-modified: Thu, 06 Apr 2023 16:09:39 GMT
server: cloudflare
x-timer: S1718507907.454749,VS0,VE0
x-amz-meta-tn-allowed-domains: triblive.com localhost newsengin.com
etag: "39b5afa9dee323caa82e9bdab4260641"
x-amz-meta-surrogate-keys: license-305866 license-305865 projectlicense-1796 projectlicense-1797 project-367
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
x-do-cdn-uuid: e0b8e117-600f-44bb-8bea-69893ced3820
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 83158eea2d21daad-MIA
x-cache-hits: 92

GET
H2 200 fontawesome.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/ 79 KB
79 KB 115ms
114ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/fontawesome.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: f8bd27657d5373067aa3e9d8885497855c6284d495706dfb1ccdf0cdc0bc3391

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "13bb7-61acaa8349c00"
content-length: 80823
content-type: text/css

GET
H2 200 brands.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/ 18 KB
19 KB 181ms
179ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/brands.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: f4ab507a816906136d0ea985f089ee666acd8a10850ec718e67cd98ca23a8081

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "49a7-61acaa8349c00"
content-length: 18855
content-type: text/css

GET
H2 200 solid.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/ 572 B
744 B 113ms
112ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/solid.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 4de6067d6c116b81dd1a4fcd252e3c3e2297ae01c576b63fabac8f8655b4787a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "23c-61acaa8349c00"
content-length: 572
content-type: text/css

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 504ms
70ms Script
application/x-javascript 2600:9000:24f1:800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:28:25 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 3003
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: GLJiZhP3Ylpv9gHzaf9BLIxRxlAnyRWc94p3QBqePlSQ1jbklzHhpA==
expires: Sun, 16 Jun 2024 04:28:25 GMT

GET
H2 200 TribLIVElogo.png
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/ 2 KB
2 KB 153ms
153ms Image
image/png 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/TribLIVElogo.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: da4737985a1f7986caa995482679b3aaded91548740b995975e3f48ebd6511e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "758-61acaa8349c00"
content-length: 1880
content-type: image/png

GET
H2 200 classic-themes.min.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-includes/css/ 291 B
462 B 153ms
153ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-includes/css/classic-themes.min.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:20 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "123-61acaa7ba8a00"
content-length: 291
content-type: text/css

GET
H2 200 51cb34ae-6aa9-4f80-834a-1bf7ceab89ca.json Show response
cookie-cdn.cookiepro.com/consent/51cb34ae-6aa9-4f80-834a-1bf7ceab89ca/ 2 KB
2 KB 260ms
195ms XHR
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/51cb34ae-6aa9-4f80-834a-1bf7ceab89ca/51cb34ae-6aa9-4f80-834a-1bf7ceab89ca.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

002223751afd83ca7107f5b8081a10597a3d42526b4423d8dcad8c041fc19537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:27 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 9BQTyzB6XzRx0nZqgCqnpQ==
content-length: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 18 Aug 2020 11:15:23 GMT
server: cloudflare
etag: 0x8D843680071FA40
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 34bb9ed4-901e-000e-1fa9-bd020c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a71639fb099a-MIA

GET
H2 200 sassy-social-share-public.css
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
10 KB 70ms
69ms Stylesheet
text/css 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "2752-61acaa8161780"
content-length: 10066
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 198ms
60ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 20:23:47 GMT

GET
H2 200 58c54340-9e85-0136-3ff3-06659b33d47c Show response
tag.simpli.fi/sifitag/ 0
449 B 401ms
76ms Script
application/javascript 34.171.47.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/58c54340-9e85-0136-3ff3-06659b33d47c
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.47.171.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:28 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
x-request-id: F9ld1meRpPN1fpkQ6jBB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nnnicon.png
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/ 6 KB
6 KB 70ms
69ms Image
image/png 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/nnnicon.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: ca648ea619ca5219bdb5c7aaa4a9d15527e9f9b8afb314602bc84311ed5217a8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "1602-61acaa8349c00"
content-length: 5634
content-type: image/png

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/ 463 KB
144 KB 66ms
60ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2f25671517f19b9c477ca58527ed79a2f3902d04de4d0032c91caede08c885f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3810
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147307
x-xss-protection: 0
server: cafe
etag: 17342946017096099043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Jun 2025 02:14:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 108 B
112 B 247ms
122ms XHR
application/json 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

4c616e8e0976d1f702bfd412be45dc574b304cfc8f40c758f3a5b800c31f5adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:27 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 134ms
57ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8947a717fd9ca569-MIA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 352 KB
111 KB 431ms
116ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNZ6CV4

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec2f607eb8d72d02304be94e060dae64a93a875fae8dcdc36f8ff36e3f9ab6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113278
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 365ms
59ms Script
application/javascript 18.238.49.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-105.jfk52.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:08:20 GMT
content-encoding: gzip
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 608
x-cache: Hit from cloudfront
content-length: 1696
last-modified: Fri, 19 Apr 2024 13:10:40 GMT
server: Apache/2.4.54 (Debian)
etag: "1090-61672d079f400-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: EvyYcwFzWeMFJErvb8sLgU_Tbm_gA1O8Ifn0zlw9DYatjO_sMfr6Aw==

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 353 KB
92 KB 395ms
90ms Script
application/javascript 52.85.61.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-120.ewr53.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

17cdbd32fb1ba8f4e2087492e8a3f648fecc18ef52a44fc86e5fba2d1e48df49

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:00:58 GMT
Content-Encoding: br
Via: 1.1 e5bd532dbdee524acdf00690205f3b5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-P1
Age: 1050
X-Powered-By: PHP/8.2.0
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 0
Last-Modified: Sun,16 Jun 2024 03:00:58 UTC
Server: Apache/2.4.54 (Debian)
ETag: W/"95f51b22643f9dfc234d44d3686daaab"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Id: a6V7N2S9nVt7RWUAlhEXYtEESymRj7Z8_6i5ABo4U88n_Gsbo3KFkA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 512ms
82ms Script
application/x-javascript 2600:9000:24f1:800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:13:11 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 3917
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VvcDo0y60x_exN1ZrrfecwTBiaQ8xY0_FXkdS8virGAHUUnNKbPplA==
expires: Sun, 16 Jun 2024 04:13:11 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.4.0/ 324 KB
68 KB 47ms
46ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:27 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OXmd51EQ9oHx+DG8SQeJEg==
age: 32086
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68972
x-ms-lease-status: unlocked
last-modified: Thu, 06 Aug 2020 19:47:46 GMT
server: cloudflare
etag: 0x8D83A4197860979
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2b22bae-701e-004b-22c3-79d7ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a7187dfc9ab9-MIA
expires: Mon, 17 Jun 2024 03:18:27 GMT

GET
H2 200 opensans-regular-webfont.woff2
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/fonts/ 18 KB
18 KB 250ms
249ms Font
application/octet-stream 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/fonts/opensans-regular-webfont.woff2
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 9cde9396699620f67d5b594f00c4e52a2c33f16f262425e416717a5f59d2af34

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "4914-61acaa8161780"
content-length: 18708

GET
H2 200 fa-solid-900.woff2
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/webfonts/ 147 KB
147 KB 251ms
250ms Font
application/octet-stream 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/webfonts/fa-solid-900.woff2
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/solid.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/solid.min.css
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:27 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "24a04-61acaa8349c00"
content-length: 150020

GET
H2 200 711_vdef_baa6e6f83f_705.woff2
fastly-cloud.typenetwork.com/projects/367/ 24 KB
25 KB 377ms
122ms Font
font/woff2 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fastly-cloud.typenetwork.com/projects/367/711_vdef_baa6e6f83f_705.woff2?ddc0ee1b29f22d0bf691ca97fc73962a4cad3c8e

Requested by

Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/367/fontface.css/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff6fed30551c83dc284d4251dfe05dd2206f8824682cb7cdb462c672ce57f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cloud.typenetwork.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Sun, 16 Jun 2024 03:18:28 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
x-amz-request-id: tx000004fd19937d3ff4aa8-00666b14e6-a43333bb-nyc3c
age: 0
x-envoy-upstream-healthchecked-cluster
x-cache: MISS
x-amz-meta-surrogate-control: max-age=604800
content-length: 24852
x-served-by: cache-mia-kmia1760063-MIA
last-modified: Thu, 06 Apr 2023 16:09:42 GMT
server: cloudflare
x-timer: S1718507908.193717,VS0,VE90
x-amz-meta-tn-allowed-domains: triblive.com localhost newsengin.com
etag: "fb0b559cb730ca7135035fab37ed2be3"
x-amz-meta-surrogate-keys: style-1809 family-194 project-367 projectlicense-1797
access-control-allow-methods: GET
content-type: font/woff2
access-control-max-age: 0
access-control-allow-origin: *
x-do-cdn-uuid: e0b8e117-600f-44bb-8bea-69893ced3820
x-rgw-object-type: Normal
cache-control: max-age=600
x-amz-meta-tn-plw-id: 1797
vary: Origin,Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8947a71a3b526db0-MIA
x-cache-hits: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7310 0
0 435ms
65ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28337
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:08:22 GMT
expires: Sun, 16 Jun 2024 03:58:22 GMT
last-modified: Mon, 10 Jun 2024 20:12:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 360 KB
34 KB 501ms
500ms Fetch
text/plain 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765713998858300&correlator=3998496537337989&eid=31084450%2C31084575%2C44777901%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406110101&ptt=17&impl=fifs&iu_parts=207845991%2CSponsor_BTF_1%2CLeaderboard_BTF_1_NoAdx%2CSponsor_STF_1%2CLeaderboard_STF_1%2CSponsor_ATF_1%2CLeaderboard_ATF_1%2CSponsor_BTF_2%2CLeaderboard_BTF_2%2CBigBox_ATF_1%2CBigBox_BTF_1%2Crichmedia%2CPencil_Leavebehind_ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=224x90%2C728x90%2C224x90%2C728x90%2C224x90%2C728x90%2C224x90%2C728x90%2C300x250%2C300x250%2C1x1%2C978x106%7C976x30%7C976x300&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1718507907942&lmt=1718507907&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C320&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C178&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C960x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C960x0&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=823291055.1718507908&ga_sid=1718507908&ga_hid=2055098180&ga_fc=false&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718507907269&idt=581&prev_scp=test%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7Ctest%3Dlazyload%7C&cust_params=site%3Dtriblive.com%26cstmSctn%3DHomepage%26conType%3DPage%26content%3DHome%252CROS&adks=55598790%2C1568994610%2C1282860626%2C3823132508%2C2079050627%2C3153238195%2C3179190747%2C976320850%2C625904948%2C4040864865%2C592247950%2C672412093&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

75a6c35fc5243f7ad007302f8c4b966fb0e5679160cc1e9065a2240f8987e11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34811
x-xss-protection: 0
google-lineitem-id: 6218453497,6047228381,858697991,-2,6737115483,6736251305,5972340911,-2,6736250528,6047227196,6737481508,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422030627,138395502488,93025641791,-2,138479074966,138474767113,138386981120,-2,138474205118,138396092149,138479478289,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C171 0
0 392ms
83ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:28 GMT
expires: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-brands-400.woff2
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/webfonts/ 107 KB
108 KB 265ms
265ms Font
application/octet-stream 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/webfonts/fa-brands-400.woff2
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/brands.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/font-awesome-6/css/brands.min.css
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "1acf0-61acaa8349c00"
content-length: 109808

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/51cb34ae-6aa9-4f80-834a-1bf7ceab89ca/3565640a-c953-494d-858d-2827e8d08e64/ 133 KB
19 KB 339ms
338ms Fetch
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/51cb34ae-6aa9-4f80-834a-1bf7ceab89ca/3565640a-c953-494d-858d-2827e8d08e64/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0649bd6e3b2432eb940d6f1758a4f4a560ea054495452fb967fff918d7a577e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: Y8G9aZYSJnUElnerFSVG5A==
content-length: 19640
x-ms-lease-status: unlocked
last-modified: Tue, 18 Aug 2020 11:15:29 GMT
server: cloudflare
etag: 0x8D84368042BFAAC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2d29c95c-601e-001a-30a9-bd4a63000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a719fdaa099a-MIA

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 195ms
59ms Image
image/x-icon 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 20:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 20:11:11 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 229ms
60ms Image
image/svg+xml 23.56.163.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.191 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Jul 2024 03:18:28 GMT
date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 BreakfastWithBenzPromo.jpg
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/mugshots/ 22 KB
22 KB 73ms
71ms Image
image/jpeg 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/mugshots/BreakfastWithBenzPromo.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 2be9d43e2e534c4819e1433d382c3b61c95c4c86fb450a4f8afbb6ef6b081a1c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "5662-61acaa8349c00"
content-length: 22114
content-type: image/jpeg

GET
H2 200 tv-talk-banner.jpg
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/ 13 KB
13 KB 76ms
76ms Image
image/jpeg 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/tv-talk-banner.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 51125ddd8c48732083e670f42844a8d409fcc9b7205f96ed17d6346ebb174000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "34e7-61acaa8349c00"
content-length: 13543
content-type: image/jpeg

GET
H2 200 GotNewsBannerCamera.png
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/ 14 KB
14 KB 74ms
74ms Image
image/png 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/GotNewsBannerCamera.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 73b28c8abb50de116892581c994318aae38e4c8b436abe1094daa7270e9081db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "36af-61acaa8349c00"
content-length: 13999
content-type: image/png

GET
H2 200 handlebars.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/players/ 160 KB
160 KB 74ms
74ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/players/handlebars.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "27e1d-61acaa8161780"
content-length: 163357
content-type: application/javascript

GET
H2 200 fontawesome-webfont.woff2
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/fonts/ 70 KB
70 KB 80ms
79ms Font
application/octet-stream 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "118d8-61acaa8161780"
content-length: 71896

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.4.0/assets/ 12 KB
3 KB 200ms
186ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: gzip
cf-cache-status: MISS
content-md5: 6gV+HVzh3FZtolGVOUCRaQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Thu, 06 Aug 2020 19:47:34 GMT
server: cloudflare
etag: 0x8D83A4190B593A4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a847101d-101e-002f-7e9b-bf2677000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a71b6f73099a-MIA
expires: Mon, 17 Jun 2024 03:18:28 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.4.0/assets/ 61 KB
15 KB 183ms
176ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Ks8d5YTomxp0YggJVomz8A==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14901
x-ms-lease-status: unlocked
last-modified: Thu, 06 Aug 2020 19:47:35 GMT
server: cloudflare
etag: 0x8D83A41910E4DCD
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1862492c-f01e-0008-40a9-bd31b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8947a71b6f78099a-MIA
expires: Mon, 17 Jun 2024 03:18:28 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 197 B
519 B 157ms
67ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=triblive.com&domain=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e47ce84991c458c8f17232fec78048b31136f5af236a4c4b256b387e951219cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 161
x-served-by: cache-mia-kmia1760025-MIA
x-timer: S1718507909.513485,VS0,VE37
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 14 Jun 2024 03:18:28 GMT

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 2 KB
2 KB 260ms
123ms XHR
application/json 52.85.61.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=6888&url=%2F&charset=UTF-8&ch=17&ref=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&viewerId=null&aad=1&referer=&_firid=98108992
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-120.ewr53.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: c8a6db0071ffad48a7e97d548c95976c40fcd145b57cb96eab4b9d0923577a25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:28 GMT
Content-Encoding: gzip
Via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-P1
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 924
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: HTTcfzMtk1oL7fAGatFX6LJ4G-SU4GI-B6np6QulCXr3HjxXpxhTtA==
Expires: 0

POST
H2 200 / Show response
measure.analysis.fi/ 2 B
273 B 265ms
131ms XHR
application/json 18.238.49.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.analysis.fi/
Requested by: Host: ecdn.analysis.fi
URL: https://ecdn.analysis.fi/static/js/fab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-62.jfk52.r.cloudfront.net
Software: /
Resource Hash: 5ec1f7e700f37c3d0b2981d04855fc34b94aaa15457b05ca571817442d228f81

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
via: 1.1 932eefec422d884c28f3c110319f29fe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
x-cache: Miss from cloudfront
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: application/json
x-amz-cf-id: 11KZsWfwhiQpfPqsDGVqUjzwoDg4-nGQzngmNDLkzmti_6lknByqxg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D94D 0
0 124ms
124ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIOi_WlxjTfn8Grm3hFUKh1cOUuA2VUCKr7SBMREYT8SfcNk1cSGX4fKHvr9GJZGL4j0gaJE57q11KthcM8nnobFOMf-ks2n_cmce5746kPhbariYe4U4DacL-aNG6Ou6dEwcktBxS0jrA_wr_RuNCg3ppDMCUDM34q8nl1y_mpm1zyhBbn2axrqJ9yJ-4lopDT5cWtzMHPrTWvdAXxeRbsoIrxeq3cZdSrtvzpwSkp852z5ispOxufC1O6gpyxkrEP6qy6n6Az2isHkKfJrTblQOBNVn5S7P-TuzVSX6mIDBifRm07GX5uYe7PoQnN4KpJl3B6b9GFgl1ygwy6olvIFn63orNNiFe9PmX36HYt6UCWgte9-vXm3c3qcBNCrUQ5dP5HwWGuhsuRk03_g&sai=AMfl-YQY1AaCQpOpm25ywKSzRhYNZF6b5GfzBHpqKVixRIMz6K5mDBg13XjY8f5U3cGwsYQ_l3Q-c0hrzavvA-LQWYc4b0IMTNkryT-Jd9viCVx1yRIuF45U61tVxd9fbD-9i9egTotyuZNGbSV00RoOd5c&sig=Cg0ArKJSzM9USAFG8At0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 wallpaper.js Show response
files.triblive.com/banners/wallpaper/ Frame D94D 1 KB
835 B 149ms
66ms Script
application/javascript 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.triblive.com/banners/wallpaper/wallpaper.js?1229168247
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6f12e6fe28dfb472be821df4993f21be3037426930b37aa29d78edad54f05f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-amz-version-id: eRgY8d1iVnBe8uXGXA64bAucnxLGlAkg
via: 1.1 1bcde066110a083e8018c44defbfda9e.cloudfront.net (CloudFront)
cf-cache-status: MISS
last-modified: Tue, 08 Nov 2022 21:36:08 GMT
server: cloudflare
x-amz-cf-pop: MIA3-P7
etag: W/"52908ee59045aab58b6e7d5baef648d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
content-encoding: br
cache-control: max-age=14400
cf-ray: 8947a71cfa868da2-MIA
x-amz-cf-id: tlpw37BNrbFmh0FnoSDlCFh7NRAlT3nd6rSvAfKwpTewTX9vfADm4g==

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D94D 211 KB
64 KB 193ms
59ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:05:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D26E 0
0 123ms
123ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ8TsLH_hB6bYwBO53FHs40l4DFx3qv442e-IKct3Y6NnulTV_S17PmRNT3cpPosKQBSn4fY0odGx0zgGEmVOTL8FVDZEp8EZJ3ivRniqJa_dTypbKt7TXhQzTJtDRQR9l-9wv7fgIFRkjRPdokBt3N12VIhCZfi5-w_m1KBAmlzqCWVfv7Dr9j3jDYOedRhAOG_eHVHC_l4mNkGYJHiOLXw92fd2fAlwR01nq41pEW8ogwnPeIs4MajCTZdrljinqB1xjmNVgyuQMzKgsk1mqQIS9Q9k7v9u5wWpoPAwB2VwZEMwCpouErN6TwARHHT58aRwUPQxyd3nFZ2fa0M9CxN0E3DQtueQvwNsuIPoh-wrA3RoPOt6a8r6OFj2DUtfOKAc8tpzstgqUkzM7bIvCe6UkZ_HP2jXkoVsN6iiWVGO8OBk8EI1tQD7gEfwawA&sai=AMfl-YREuJjeYI_sglegWnHqRxjBcCOya3ppSFIEOepvK1uK0Bz1TmtmZOOZGcFxGq8X2To5L3rtgqI5fXlZ15XvkYxY4yWbQGNN8w0a8I5aDGFLsvO5DqcMdTs77aWqWAMj_kOe8QZazRnPu1dmHF1HOMQ&sig=Cg0ArKJSzCpK8X3CwlvrEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/ Frame D26E 3 KB
2 KB 212ms
62ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 21:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 21:00:29 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D26E 211 KB
0 181ms
181ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:05:41 GMT

GET
H2 200 16237830365066739347
tpc.googlesyndication.com/simgad/ Frame D26E 57 KB
57 KB 266ms
117ms Image
image/gif 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16237830365066739347

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ede3bf9e3f2e5db1586206300c29ef3a6ad704eaa7603b2ef7f8d46450b63b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 18:09:32 GMT
date: Wed, 12 Jun 2024 18:09:32 GMT
x-content-type-options: nosniff
age: 292136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58016
x-xss-protection: 0
last-modified: Fri, 03 May 2024 17:08:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1626 0
0 122ms
121ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTmwpkO_WS2UKc-T276RoiOuamk4vDqWJwheJzY4inZOsZ0kgtORCqLUQvymauH_cNEOBY1uNvmCx_1bgWmLtqrbk4siI7K2ij7JY3G1PDGeBHv6fs6B60jxK5cR-CM402UgCYha3NFGPcqwgSp4e9X8H5LVSakGzN16NVYOI-5sAPVo8ai5RH4K991x7FIhUujMYSdKyGU5JenlxpkbVjuqGskCC_xekzjc6MYfKSQ__33UXMGvabZT6eQ9UXVI5V2d-MlsCwaDaQgm3qUE8PklFEHPJ6mvyFZYwjJlzo0b9qEYC_I24GyN0JDTbu1xt_TzLPtfp0U_618WqJZ4bdopBtjBrfrdQpEWw0gNd5bzo_3QLTZjlLFbHa9JcOJr5IIqPtAVI3zWR6QXxtGSthYxHjI6CrWeuSBZCj2PNhpluSAR0K72RDh1w&sai=AMfl-YSouhuHAK0DqjPfAcDjIPDAuekBP_r1t6tCKw-AlHFCfvUfY7X5l9YHt6X8uBLIev9NHmyF1SMFZ8McNSkSMnLJ9J39ajAL7WXB9kCDCMARu-mvWpiQo_1lwq8GADlcp6TIuyKmov3dGfjMEvvoFm8&sig=Cg0ArKJSzCTR17vzItqjEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/ Frame 1626 3 KB
0 203ms
203ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 21:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 21:00:29 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1626 211 KB
0 170ms
170ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:05:41 GMT

GET
H2 200 7986896832670283108
tpc.googlesyndication.com/simgad/ Frame 1626 60 KB
60 KB 291ms
154ms Image
image/gif 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7986896832670283108

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e75c96398251a93276df6a8b8c82e861bf48c495ff42bc0b524fc5a1f2932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 18:04:32 GMT
date: Wed, 12 Jun 2024 18:04:32 GMT
x-content-type-options: nosniff
age: 292436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61497
x-xss-protection: 0
last-modified: Fri, 03 May 2024 17:09:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FF3 0
0 125ms
124ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk6pXtBCqbFBuLePLpeSEdUXgkOp4OEQ6ELCoHJM5M_ns-CuaoAlNNoQ0bk2Qi48iVfH7c4beR0eePjgTjTi_DbzLtqdVJK72rU2pziCJbLTrPZ6zCd1irS1LWUVHbLDjsAuwmr2yKj2zvqTY286qoXloSbyEmIRk5Kt_JQ4x7j43nyeNnmBbXw0DKXZdjl9_PtPKwQn6h_e9GvLOK0C2ESkGhENZGO8cap9u7_hfhp0BNfvyUSqsEbWzDbHflNI7iLWJqVQVT6AqIyyhTB6OKMQmWyA2bEcxFYvuLMs7aW_exu6u_xh2cLNChGaRbAuIWKfQsqsZspGL2f5oUXBTvYhJMXAfNvT_l8RTrkHcgJsbWc7adDCIwE78qExMWpsoaILAso1vIxtvDV3ZUa5VuThk&sai=AMfl-YTIPdcC6EdcDgycTUdgYY9b0JVi4d6YOoTzb9CVou_uZbp9wy3Td6S2tqol3jM3XKHHOp_3wgF_oPHNJtx4ghFwpSpztDX7FnZaK_9rNYdxMx938eZV8LUwlEBy6cwPJuf0ZnUjo7BmJonPpUr72L8&sig=Cg0ArKJSzLpQ_CxzUpETEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/ Frame 3FF3 3 KB
0 191ms
191ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 21:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 21:00:29 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3FF3 211 KB
0 159ms
159ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:05:41 GMT

GET
H2 200 7919733551619896505
tpc.googlesyndication.com/simgad/ Frame 3FF3 17 KB
17 KB 316ms
191ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7919733551619896505

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251043076ee86cfc57713724d4a7e04825ec726c56d90170b1f9e433d831f1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 18:10:59 GMT
date: Wed, 12 Jun 2024 18:10:59 GMT
x-content-type-options: nosniff
age: 292049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17778
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 13:11:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF2E 0
0 123ms
122ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw5He1JdrBCnjkv6Xyl1uSTVDb4qb1c-bjaGKLtOVBWCurTIeggKysb15xqLaZ-I9R9V-eQBJiv5G_OfNI_eVmzq8jE5i1zWaJSrCrPFfAR6f-dRxWqUttt4Oj57PmCyaj8KPzcfFn_1wCTDf7oOsE_z14YDwgAn8VV1U6sEy09XLFOFPA2kJhx6g9tVpLnhp9cgbfZwRLsN6jOMDXun2UPpwsk5QAIw6p4S3E82gNe4hwE4pWwKRQMQQ_yohsN5MzKcTuCBF9FgtEk3lGX8N1dSDKJl-_7YbjT3cCUctQTpHeSxiN6HWEM_KcH0dNmdHF824uj5Al1r8TrImLObPBBTjEYs5dgkij3FBkmlI93B4dDj-yk54Vy01yhqFTeSXaqxJHC9F_UY5EUT_zWHUZw8s&sai=AMfl-YQfsUld5Plee6Fato8O3QwiqUdqumoZNuK14Ohexei5fBY3n-PVCCrGb5AUegJuDMIiVjEpLJBlglh6PI90yFnJHqS8Wm1wxijtFhn6-ZTmmCnnZpR-mBrAMIx_CIlvQLEgZG3Lwk3fGZXwz-AlvuY&sig=Cg0ArKJSzNnrxeb6r2wjEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/ Frame FF2E 3 KB
0 67ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240612/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 21:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 21:00:29 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FF2E 211 KB
0 147ms
147ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:05:41 GMT

GET
H2 200 7605738261546233274
tpc.googlesyndication.com/simgad/ Frame FF2E 16 KB
17 KB 168ms
63ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7605738261546233274

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deaa2ebfb2a756cf9bafc0d0795e66c672f8451c4bdcb87822bdf80f6a43041f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 17:53:15 GMT
date: Wed, 12 Jun 2024 17:53:15 GMT
x-content-type-options: nosniff
age: 293113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16603
x-xss-protection: 0
last-modified: Sun, 24 Jan 2016 16:25:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D26E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5009c577d9292651b0a789b070bd6d75f4f6964f7561ea8454fdbfe7cce2af91

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1626 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910ff73862ed4bdf535faeac229680eaeb85ce8daa6fe255db68ee1b85f79261

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3FF3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0b25ef5e049d75cfce4182c9138a659e8caf40a3a2466ec985a25eafe60081c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FF2E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 403b968c802d8beab0dba7b3436a1557f0800a473e7f479b41d0b1680160d494

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 99ms
98ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LDVDC9JYS4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNZ6CV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c043afdf87f8578799ea585dcdd043496fb359ded3c473db39872a497f1b4028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
60ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNZ6CV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 01:51:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 03:51:49 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 97ms
97ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-712386318&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNZ6CV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e4704ba515d8e85bdd09aab4863b48433cfdfcf1e69c800a64ee7060060654f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83670
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 200ms
62ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jun 2024 03:18:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Nx7qgLlEPiq7Bj6aQv7Jy5mAgK57UGW0ydAJYA8mpjGL4EIrGsuVWn6qy4S1AgdbnWstv1ODFBGHNCXflB6f9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 211ms
59ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNZ6CV4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 09:23:40 GMT
Content-Encoding: gzip
Via: 1.1 06d42d2d80190e168b9494192458b51a.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 64489
ETag: W/"a7eb6794e868fe870db350518165c868"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: vpbMNNHo5r-Ti7ORGevYXdDAyvA3LvL7ZKTv31bnchE8ruIbm3Nhsw==

GET
H2 200 4613446007969054664
tpc.googlesyndication.com/pimgad/ 237 KB
237 KB 240ms
240ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/4613446007969054664?&79

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35049bd7284f12feabdc00514109054984d88ec7a32d4e59f2dac7fa5a08339c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242337
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 20:10:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 16 Jun 2025 03:18:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF2E 0
0 122ms
121ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvzgU6ToaZB_KqHUOYgoi9jKIr0Ak8MsNWxSn8faOxv1F3Y2vv8yii4mlRSA-DUvNs4iKqqSa1tUOM7OKTWqdTKu1cotT4vhYgReVCyhDA7gUPkOVFlRQFBahsktaBx1JvXC0Yog7re1Km7NdRbgLO_rX1opfB_eADaLRP6ywfOEU5K_K-rmDpUBh4d3BDJY1NzpsEGVD3523G7zlz2LdTLO0MEGGEXnKEsD5L6I--yMO48_oBoipjS0QmZZki6RHI6Q4tcJB0bW2MRzHHSX9ky90CJV_TqKbW2Rox1j49zCxueJkI3DpkWCpUCuKRiVjCtQ8Rld3XehrLFsLgFv8IImdzWvGvCAexs5D-lXUI29vy0OyVHLSrZpbpqAajg4fa46fFzgoH2WK-d13z7mtFLFtoVA&sai=AMfl-YQ7PwknQQiNLJ7mGWQWWDf3PllSfrtlTtpIN9Lh0AdPV3O0Q_PJBm1H66993LVbuzGyU1bcyglhHJMjykJsih8X_NRkRcGpeHeK9wltQOyi1v2aOfKoZEyDd-202K4kArqVe0Y6RrwsIXSbEc8E6hY&sig=Cg0ArKJSzOQ5_0TriFfcEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D26E 0
0 122ms
122ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2xwg-qdfIgIzp511FFX5_nphWhiJ_zoTAgakePlJwSVuMnCEZ8m37pIhtt4zrSmfBuMiKMkDK7g9PGB8JfMycBIM6UvbKhZ7nJzjlAeDz36wEEg4SNpZGnmMWDNf-PEdGrISn_LQWQAnw164kfVlqdvyMxxKieKi5V5cEvXaMtDzjz3QXLSmIwDF_mZ-g_4eS9XMhaVpQlvxQnbNYQVJ6WHKglo9rp8ORkyvI-lJ3hkl3Jl0Of5rPurPcEsvsm5xpW1th3nV3qR1orghMvZgfZTl92fOdgP02BWB_SAbjmsBkkv9vnpo4vHOmxY4mQ63eo8QYZchRUrCqieR01eVuDR9mwL2A-9yrPxgu06TXNeHDQhaFXrH_0xJwi4Lq0-m-dSnCw4kkqfJoN4ifW0Cbzvbu8Hi7ZHUnuDN7mn3-NN2ZK342BmtAGCJDsF47-HNu&sai=AMfl-YSXsGFotwiJuDHGAF4nCs8z93E_bYZA9w9cx5_B2w9N1CshfuT8TN6dOEmgL8XDTKZvV6SFAPY_glw72N_UOGrzJfW9Bm1CidOpJeLYdiPaofIXrmAfgwsIR18lQ9LYU6UVTcJ6Af2O0xyLil0P9GQ&sig=Cg0ArKJSzCSXDijLcGKuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1626 0
0 122ms
122ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua4UYQ8hd1uDRI_FkqOfuBO7HDL4avL1OK1p8AWpOoUdmUCo-LIdSFAmXd_yHIdkq20tLCchdcMWlaGbYwwq_vB47S_p2NbwVtw8fuSLiK6abClCcH1ro4tSz0x1hVDWYb2bOVUnKXvZCrcRqg-DHLfT4KMLAbLoFtFhQSHzbe6e3vl7t5LCzANnC1KIwGFD9B7FtnehP5YoQSS4StOuFjbBFZqHuSHYOa3Q9LAkqxj05BQJXvNkW7FPHnm_bE3XGVhGSNMiawXgdvlOUHWEOcCGu7mr6Cv-VzYNB3LuSpmGh6k4jb9Etuz6dGvOrv5d89jXvR3VRi3WV6azDM0svU-sZpuTI1dCr8vvCDWFacNt1CsY3ar1TBAAJaJ9e-XIV8XtGeT9Dvn-pdNpmi8eDoVuT8Y6oeMZkEmJjXJ6zFssiv6S6u-EvuihXPhQ&sai=AMfl-YSzGGlSAIuARah1oRcj8hWWiceHPLbPh8KVWHGhje1eb2FmusdLl6PTYG4qgtw7pTXjiD4F4AmMyON1GxonQD5CB4RCGeqnlZzELKw0Nuku3RUOui9YwYsY11EBTzf5q778iQgtst2t2q5VOIWZcLE&sig=Cg0ArKJSzHWOKHYCeoiZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:29 GMT

GET
DATA 200
OK truncated
/ Frame D94D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6113e9800a31c7830969cc082c2c14e5b52e794170118e525812cd7469f156bc

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D94D 0
0 122ms
122ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5agwIbGeTMV7ay1Um9-nvG1EMaoZTthIoXIm1D3Z0Gyzk_kyQtiUxn4bO2p9xQkv__dhvu5YoLh3mGZ1nBRJzewUCn5DYn9TMD6TILTEsujFri2HWxKcwxXxhYBvO5iZLaEc0WxhWGEnMIPEcHfLgA9a3jpvtCNr7LyPJ9TBFqI-AYv5nsZedNATvV_NdOlLy4hSlEr2Oxdh93Mspizf5apl0p-TvB2-khaI9ezOFkBccRZxUZH_m44xq_7U8cKBw_INgnm11Z31LKEysdpqnnuh2K1uShGGO_Z-EMvOMR1KQjs3OD336QvHaNHvUNXeD_BkCRzym6Y43QacKnqYEADp529-2SMMwcQm12ZvqaHSY7T15a4RdJwJQhJDoYgozlwsKGYWlgi37buRHB_r1&sai=AMfl-YQHYKYaAXVRxMjFDzL_enqw8ih2Dq0QxgXs1PtIXSfe2J_zL4mkrumJEOOEjra1Hxjqb5N21f6AfO8X5tE52aSDGsyM9sv65EuYabtg-BxQP62L6xG6cpuJtx23ElxgwU_hPCw9bcPI7h4UsBgrIm4&sig=Cg0ArKJSzF9HflnQBCXiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FF3 0
0 122ms
122ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIH9s4ALJuVTbAmUWGZAbaOP9iCrht1LcF0yIxne46fcWsPhGnvSICVl4d2hSlg6eOZo5ANgkWHBqTSAsf5hincHFIhSVYPgpyCMgVFdz3IHyA1_IYBOIGhLd0w2VWMrlT1vDAD-Cbbww_ugDmbh6OFUdmAtnSuQ4VskdvmIcaI91rcdl0C3SHtVPHcYCA9p1mnyxVCeu6AR2PVrW7R6Y3BcyKWgBmq3Xk-RHJNQnxUMmiuV9Ji9AmRXcrEiU6WkPsQBnllRul5rdkRMWM_uej7INDetPNQ4B4TgZSHMlLeuMcdNY0bL831_c8wv4nE9tE6XBTvnVfCZtnoAMW9_vF6Wq_oH8xVf643-5_r0RMkW9iRN_HtxW1x0QGD3iAzXQU5FGacbhTtO5wIiz0O2wGhbJuYA&sai=AMfl-YT6ZB9oMukq9xXvwCABf6px2iRxh1bpaQsdmoOUiSdhKTrArgfiSV08ly23vYVyRNg-QQqUxLtUgOjYQCOBlIUXA4Q-yBpyyYlINwl7yL3i_O-ahNV-meYZXlNPEFfOYJTKn1fF-R3Vr10jyZUr_tU&sig=Cg0ArKJSzIH1fH_JC4YJEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:29 GMT

GET
H3 200 reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame CB12 0
0 198ms
120ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-encoding: br
content-length: 69
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:29 GMT
etag
expires: Sun, 16 Jun 2024 03:18:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 2977 0
0 194ms
194ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-encoding: br
content-length: 69
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:29 GMT
etag
expires: Sun, 16 Jun 2024 03:18:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 77A4 0
0 190ms
190ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-encoding: br
content-length: 69
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:29 GMT
etag
expires: Sun, 16 Jun 2024 03:18:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame FF5A 0
0 183ms
183ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-encoding: br
content-length: 69
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:29 GMT
etag
expires: Sun, 16 Jun 2024 03:18:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame F96E 0
0 185ms
185ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-encoding: br
content-length: 69
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:29 GMT
etag
expires: Sun, 16 Jun 2024 03:18:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 3 KB
1 KB 214ms
89ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1718507909067&cv=11&fst=1718507909067&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8810558189za201zb810558189&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&label=QypPCO3atvACEI7O2NMC&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20TribLIVE.com&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-712386318&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

a3c958c938d9d52413ae68cea527bead597709ee377b3db0b6c5b7e801878bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 135ms
44ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LDVDC9JYS4&gtm=45je46c0v878928073z8810558189za200zb810558189&_p=1718507907879&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=823291055.1718507908&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718507909&sct=1&seg=0&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&dt=Home%20%7C%20TribLIVE.com&en=page_view&_fv=2&_ss=2&ep.article_title=Home&ep.original_article_title=Home&ep.author=&ep.publish_date=&ep.article_id=0&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ep.search_term=&ep.category=Home&ep.previous_page_url=&ep.content_group=Home&ep.ga4_client_id=48fbce84-5ab6-4f93-8ae8-cc895a1a1ec3&ep.community_name=&ep.page_url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&tfd=2373&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDVDC9JYS4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 191ms
65ms Ping
text/plain 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LDVDC9JYS4&cid=823291055.1718507908&gtm=45je46c0v878928073z8810558189za200zb810558189&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDVDC9JYS4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
235 B 77ms
75ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2055098180&t=pageview&_s=1&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20TribLIVE.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=1236732649&gjid=1612097618&cid=823291055.1718507908&tid=UA-32912589-1&_gid=1990951235.1718507909&_slc=1&gtm=45He46c0n81PNZ6CV4v810558189za200&cg1=Home&cd1=Home&cd2=Home&cd3=&cd4=&cd5=0&cd6=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd7=&cd8=Home&cd10=&cd15=d88063d1-a963-4fc9-b9ef-7c163f6e732c&gcd=13l3l3l3l1&dma=0&tag_exp=0&cd14=823291055.1718507908&z=2029934514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
374 B 122ms
65ms XHR
text/plain 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32912589-1&cid=823291055.1718507908&jid=1236732649&gjid=1612097618&_gid=1990951235.1718507909&_u=YCDAgEABAAAAAGAEK~&z=407460964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1401480206566122 Show response
connect.facebook.net/signals/config/ 64 KB
15 KB 356ms
355ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1401480206566122?v=2.9.158&r=stable&domain=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f68e9c110d872999e924d40ada1bfee213e791b9d4d5719ec6745b086b4210f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jun 2024 03:18:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=64, mss=1297, tbw=63538, tp=-1, tpl=-1, uplat=293, ullat=0
pragma: public
x-fb-debug: xm0xabpqxlqW8rX45O2hahGCweHTuFhPu9k98a1mqnVxYKG4bs014w+DB4wYWJ0KsuAs2SNwNBJhTbBGFVFEvw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/712386318/ 42 B
64 B 210ms
77ms Image
image/gif 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712386318/?random=1718507909067&cv=11&fst=1718506800000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8810558189za201zb810558189&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&label=QypPCO3atvACEI7O2NMC&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20TribLIVE.com&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLgCjZUqBRYXRi4llD82_Csr8Tu5ErtZeBD9jGg9YCh0-HiIuG&random=831321831&rmt_tld=0&ipr=y

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WebNewsTip.png
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/ 19 KB
19 KB 71ms
70ms Image
image/png 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/other/WebNewsTip.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 80b8d47e64fe0cd3e58d5b5f6c148a369eb9b4645821cf56334768ba37c56fea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "4c91-61acaa8349c00"
content-length: 19601
content-type: image/png

GET
H2 200 / Show response
www.civicscience.com/widget/jspoll/ 825 B
618 B 196ms
67ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/jspoll/?elt=4975cdfb-f5d1-3674-a102-b0dfe3b22e02&tgtid=50f54dd8-00fa-11e2-bb87-12313809f6d1
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 4f1570f755876089f84b98bfc1ceef920cf11cc0c9ae0f55f14f94a7b6a74f50

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 load.min.js Show response
cdn.sided.co/embed-assets/ 6 KB
3 KB 233ms
66ms Script
application/javascript 2600:9000:23ca:e000:3:9dfe:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sided.co/embed-assets/load.min.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e000:3:9dfe:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e387ea41e08f3bb1ef39a8184ac534d13405ccff0d4795338c5989ea8f15c54a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:42:10 GMT
content-encoding: br
via: 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2024 17:42:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 34580
x-amz-server-side-encryption: AES256
etag: W/"a4992081684fd9a81dcf28640656eb50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: k8rKv2oTuhp5NpNpO0LnD6OlCnVZKTTpKuo_aVN2wTmaKtGvCDBwQA==

GET
H2 200 TTM-logo.png
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/ 12 KB
12 KB 76ms
72ms Image
image/png 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/TTM-logo.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 7757f78ee01ca081e47831a495f02534510cfe510a41544bfe1a99fc9f2808c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "30e4-61acaa8349c00"
content-length: 12516
content-type: image/png

GET
H2 200 clipboard.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/ThirtySix/ 9 KB
9 KB 72ms
69ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/ThirtySix/clipboard.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "23c8-61acaa8349c00"
content-length: 9160
content-type: application/javascript

GET
H2 200 scripts.min.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/ThirtySix/ 71 KB
72 KB 71ms
70ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/ThirtySix/scripts.min.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 2fb7f9c5ac604e1f50795236a51c4c1ae259986eeb1e84c052f52b8e7173a0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "11df8-61acaa8349c00"
content-length: 73208
content-type: application/javascript

GET
H/1.1 200
OK mesearch-trib3-min.js Show response
search-module.s3.us-east-2.amazonaws.com/pubs/trib/ 146 KB
147 KB 255ms
85ms Script
application/javascript 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/mesearch-trib3-min.js?ver=2024-06-15pm
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 604188218977044d9d3ec19fbbe24ddf278d6a051f7e43d639c003504376aaa8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:30 GMT
x-amz-version-id: ye5.J5NB3Avs6IYbykMcTopU32pqMXZv
Last-Modified: Tue, 03 Oct 2023 23:15:28 GMT
Server: AmazonS3
x-amz-request-id: 3M6GJ64F1KGVZ22C
ETag: "daaa558fd39d2ee127e40a5e0348f2ac"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 149806
x-amz-id-2: TqeVyKGWX3R2vFpYfuokOo06SkeLtUQD6GsWqK57mGTp6yagGa4Nf2lNAETbsafmYBiO+oRPZmg3z4M9y+Y1Nw==

GET
H2 200 show.js Show response
web.adblade.com/js/ads/async/ 18 KB
7 KB 197ms
57ms Script
application/javascript 18.210.213.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web.adblade.com/js/ads/async/show.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.213.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-213-167.compute-1.amazonaws.com
Software: /
Resource Hash: 035e9cc56eebb32c7f0ec20c074081823ec1923ea3f6cfd2d0f99bff864e0a4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
content-encoding: gzip
content-type: application/javascript; charset=UTF-8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 229ms
123ms Image
image/gif 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32912589-1&cid=823291055.1718507908&jid=1236732649&_u=YCDAgEABAAAAAGAEK~&z=1961815320

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 evvnt_discovery_plugin-latest.min.js Show response
discovery.evvnt.com/prd/ 419 KB
122 KB 232ms
70ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fcfb15c53d7f3e3cf9a40336cb114d0c51f0b11500419f4a846a64e4e3dee70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:15:30 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 67152
x-amz-server-side-encryption: AES256
etag: W/"a69074b93cf8671377fc192dcfd8b6c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 965sU3U7LcZbJbCp8TV-3EaXlC10G4GyZ3nlw8N1oQoSIagD7oaVYA==

GET
H2

200

csw-polyfills.js Show response
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://get.civicscience.com/jspoll/5/csw-polyfills.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

125 KB
41 KB

230ms
70ms

Script
application/javascript

2600:9000:26fa:5200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 2600:9000:26fa:5200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81c263983ccd8fbb85c681d15bd19b34f1afcf7fbc43909e6217fb5615079b1e

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 15 Jun 2024 09:27:10 GMT
content-encoding: gzip
via: 1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 64280
etag: W/"5ffb7349d877e3871d5ed99b2165c917"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IHkiqXIXA6OAZB4PfonfkPrg25GsRKyx0lykhCREN2g3CPxmEZck1g==

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Sun, 16 Jun 2024 03:18:29 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.32.20/
Redirect Chain

https://embed.sendtonews.com/player3/embedcode.js?fk=vIM6lqgG&cid=6108&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
https://embedcdn.sendtonews.com/easy-stn-player/7.32.20/embed.js

7 KB
3 KB

84ms
59ms

Script
application/javascript

108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.32.20/embed.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 343e172044532b028c3a2338d33cbee3806fb1fb0d75ab67363b00846d3c3f61

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:17:35 GMT
x-amz-version-id: NX_pr5lvNIVlgoC61xl2CARB1zn7or.C
content-encoding: br
last-modified: Tue, 28 May 2024 17:20:01 GMT
server: AmazonS3
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/"6a9875c062a230b93d7db89d21e5d52b"
age: 55
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5AcGMg9sS6JgRuQYR4bJkQ18sYvbrVHNTXrnPMuHGPMzthq95CcNBw==

Redirect headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.32.20/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 6CCQXAq_RjiyalVGdB6lAfIex8OSLQ9ytnj1RpQNFfiDeb23cYQTiQ==

GET
H2 200 new-tab.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/page-links-to/dist/ 24 KB
24 KB 79ms
73ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/page-links-to/dist/new-tab.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "609e-61acaa8161780"
content-length: 24734
content-type: application/javascript

GET
H2 200 sassy-social-share-public.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/sassy-social-share/public/js/ 119 KB
120 KB 75ms
69ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 442ded1995bed09d71ebbac985047547e1d12bee2b9824486333e44b0d6365ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "1dd7f-61acaa8161780"
content-length: 122239
content-type: application/javascript

GET
H2 200 logout.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/trib-extra/tribextra-portal-src/js/ 2 KB
2 KB 81ms
75ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/trib-extra/tribextra-portal-src/js/logout.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: dc05dc90ce0b01c8a5ce83cfd140dab23acf313860619895420cdb420d76c013

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:26 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "83b-61acaa8161780"
content-length: 2107
content-type: application/javascript

GET
H/1.1 200
OK triblive_mnbvcx.js Show response
search-module.s3.us-east-2.amazonaws.com/pubs/trib/ 8 KB
9 KB 225ms
86ms Script
application/javascript 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/triblive_mnbvcx.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9d63b6faac36178b1e48dcf9191d63c0e8c15f67d1874b99472e16c31ac7c10e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:30 GMT
x-amz-version-id: tR.MIR53kSV.SZpvcICBEp27HAadJ6UV
Last-Modified: Fri, 26 Jan 2024 00:18:38 GMT
Server: AmazonS3
x-amz-request-id: 3M6Z0QVFYDQTM1RZ
ETag: "3d5d6f7b33d0c75680f5aeee48e89734"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8240
x-amz-id-2: t7w9Kqhvi4DSFlu5FHmTMVXJQIRKzaccHWzVmRExy/C3JdmxHsdQqqKiTmQJnMT8P+uFpo/5wD4BY3uTIWDCDQ==

GET
H/1.1 200
OK adex.js Show response
search-module.s3.us-east-2.amazonaws.com/pubs/trib/ 114 B
585 B 221ms
82ms Script
application/javascript 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/adex.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e2e7cc185a2cd22f9557f6eed32c8409aefc9a528f880d33bcb5aa579cd16a4c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:30 GMT
x-amz-version-id: PP82jC0uIR6mSCwcvvdD_0Ta7jZBv_E5
Last-Modified: Mon, 04 Dec 2023 16:36:15 GMT
Server: AmazonS3
x-amz-request-id: 3M6KG3WNM25QRCGV
ETag: "c5a53623c7c2854c7a56609d51dc2ed8"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 114
x-amz-id-2: 3zauG4pR8GTkikKTrBD0Afoe3WPW4jwwQpUDAYHzVIsutrq1GaRHNb3gK4MIKmdfwkfJXziiaDMRtlbsI47BZw==

GET
H/1.1 200
OK adblockdetect.js Show response
search-module.s3.us-east-2.amazonaws.com/pubs/trib/ 20 B
490 B 174ms
77ms Script
application/javascript 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/adblockdetect.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21cf09a0e9e4dca2c208eca20126a1bccbbdb66c40df1002c0e247217a3656f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:30 GMT
x-amz-version-id: 3j8GYL4iiwLAaAoHEAwxF12l2xmTNMAP
Last-Modified: Tue, 05 Dec 2023 20:04:41 GMT
Server: AmazonS3
x-amz-request-id: 3M6KPPY7PNTZBT6V
ETag: "08d01da4eb8c09ad0c1e81686e6fc2cc"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 20
x-amz-id-2: rts0KK1oDDrejM9RbjINkxv6827VYB2IVuHuyedjd/1VwyzZgeBFZyDw5uOq0S6fESVdU2OpohOgtfGU02fydw==

GET
H/1.1 200
OK triblive_qwerty.js Show response
search-module.s3.us-east-2.amazonaws.com/pubs/trib/ 13 KB
14 KB 220ms
84ms Script
application/javascript 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/triblive_qwerty.js?20240615
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 179f79d98e3aa3134f22b606b9890532576ee83a553633794bafa86f198eb7d1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:30 GMT
x-amz-version-id: UMDN2PV7qOCc.nk2jJI8MHY0SMjUD8t2
Last-Modified: Tue, 30 Jan 2024 14:06:43 GMT
Server: AmazonS3
x-amz-request-id: 3M6HQ62D3JZP4K1P
ETag: "78b6d93d698e4e11ef920cdd856374a4"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 13352
x-amz-id-2: vd2FriQYK2UReKQtmbyyY1Z+xgY685svC4Hrhn2saBaldD/LwMyUrF2cDI4lMB3gGX+2hv6e2PY/wk/A+v61yw==

GET
H2 200 carousel.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/bootstrap/ 7 KB
7 KB 78ms
74ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/bootstrap/carousel.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: d77dc3ff69c567e1a16785b3cc814d96f492d058c4538f206d65145f07a9e4ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "1c81-61acaa8349c00"
content-length: 7297
content-type: application/javascript

GET
H2 200 smartbanner.min.js Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/smartbanner/ 17 KB
17 KB 79ms
76ms Script
application/javascript 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/js/smartbanner/smartbanner.min.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: e5da457f1a1fac2f05ec1e0c7e95f892351fd3558b907a6608ed74ee73ffa80a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "42d3-61acaa8349c00"
content-length: 17107
content-type: application/javascript

GET
H2 200 7448743_web1_vnd-AvomoreFire3-061624.jpg
assets-varnish.triblive.com/2024/06/ 27 KB
28 KB 54ms
41ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448743_web1_vnd-AvomoreFire3-061624.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b853d534d582b2b5f8a79dbdbf7addc12f8882fc52c4bb2ac64b8a5a106a1801

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 8088bed6e8830a4b93ece0fd29c26828.cloudfront.net (CloudFront)
x-amz-version-id: zBUBPE0bRFyKOZEeymjkbI5NO_8Gv4bb
cf-cache-status: HIT
age: 11164
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=28805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27855
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 00:01:54 GMT
server: cloudflare
etag: "7f3e7806ba229563aba78e7d53228f02"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a722a89c8da2-MIA
x-amz-cf-id: OCT9GW51kb1-VE41FB52DTIhc_bOaZzDp6Ge4LRl02e8uYPsLNjN1g==

GET
H2 200 7448043_web1_ptr-FedExDriverCollapse-061624.jpg
assets-varnish.triblive.com/2024/06/ 67 KB
67 KB 48ms
47ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448043_web1_ptr-FedExDriverCollapse-061624.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a8ce67fe741a9a597388d6972da38f254b06f2659d89be43910ba5cd9301f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 ba909a19c27187e9d323c04aa5d94468.cloudfront.net (CloudFront)
x-amz-version-id: DgF9lY0RxjZMtwzgt4zkv_Fsx1BuqcRH
cf-cache-status: HIT
age: 35505
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=71399
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 68317
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 17:21:57 GMT
server: cloudflare
etag: "c7938f2f86338462558f6d39c6df16ab"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a722c8ca8da2-MIA
x-amz-cf-id: dA73F_8k15vuRa6Y9GIKRPjjkirUO5CTwBSKnImd018KIaFlWt9t2w==

GET
H2 200 7448287_web1_PSPvehicle2.jpg
assets-varnish.triblive.com/2024/06/ 33 KB
33 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448287_web1_PSPvehicle2.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c044b57641e6bd06e236932599393f9501acb0655012b09617dbe6124d78b40d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 006366fccb64005434f04cb7657f8dc8.cloudfront.net (CloudFront)
x-amz-version-id: lPc39swxGmqED84SqG7iB.NoR.25cALr
cf-cache-status: HIT
age: 21833
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=34365
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33513
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 21:13:11 GMT
server: cloudflare
etag: "7dc1eea61b03598df6c1b66070d3dfab"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a722c8cb8da2-MIA
x-amz-cf-id: D4dgQdh3XPdPOFISdhbf0OThgAxRaeFBFA_dPSzXazpiisBW2laN4Q==

GET
H2 200 7448024_web1_PTR-Second-Avenue-Commons-FILE.jpeg
assets-varnish.triblive.com/2024/06/ 63 KB
63 KB 58ms
57ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448024_web1_PTR-Second-Avenue-Commons-FILE.jpeg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a9257ff3393c6dbf64b09e8b9e7ac2def45258f8e81a65b0178ab7cd63cae8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 5ae109f86d7ae6f6423c92c14b951cf6.cloudfront.net (CloudFront)
x-amz-version-id: BIpAwkFxRMmRnQS1gOyMWiRN.YCV.YK5
cf-cache-status: HIT
age: 36054
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=66762
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 64324
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 17:16:40 GMT
server: cloudflare
etag: "df66177b9c7b1cc717331f90b21e835a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a722e8f58da2-MIA
x-amz-cf-id: yoNaRI0lr0PLd6ATb2TVVMXe9g62N2Ypp3VdVxpYNcMSb6c3o1z6QA==

GET
H2 200 7447206_web1_ptr-BucsRockies01-050624.jpg
assets-varnish.triblive.com/2024/06/ 72 KB
72 KB 41ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7447206_web1_ptr-BucsRockies01-050624.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f863f4fe35f3d935c52ad4eb20534649464d132cd9d06ca5ff0c5076b9c90d64

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 c515a3646072bcbe1ed6a766aa806d66.cloudfront.net (CloudFront)
x-amz-version-id: Isy0gzh.bEJDx9coA9AH9RuFZ772KOdz
cf-cache-status: HIT
age: 28801
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=75616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 73542
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 19:15:43 GMT
server: cloudflare
etag: "dc39ceb69be95a0d24fe4e12b86e2975"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72309238da2-MIA
x-amz-cf-id: q8YgtEYOyidOn3o4Bl7Izx3qNPR_LATWl5WUXVmTTHrmOJDro1cinw==

GET
H2 200 7447214_web1_Steelers01-061424.jpg
assets-varnish.triblive.com/2024/06/ 34 KB
34 KB 56ms
55ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7447214_web1_Steelers01-061424.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b2e587c48b1ffc007e3fae3bf123cd885b6b0644685822f7128f80f97ac8c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 cb0d0f1e65d2d1561d8291b6a0a74b7a.cloudfront.net (CloudFront)
x-amz-version-id: rTj_w8fox_jX1J1DRm9WIVWtIa6WDzSg
cf-cache-status: HIT
age: 35163
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=36011
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34865
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 17:28:52 GMT
server: cloudflare
etag: "2510e6d56348f439a49c454bdbb6e7a8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723192a8da2-MIA
x-amz-cf-id: nl9vAxGseSLghWMWGqGKMjOA5am22iK71rVVvVRT3kYMJriLxHMnlw==

GET
H2 200 7446570_web1_Juneteenth4.jpg
assets-varnish.triblive.com/2024/06/ 56 KB
56 KB 43ms
41ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7446570_web1_Juneteenth4.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6005a7fcf96135e34f7fef30e9fd16591bd7457b5ea0c396a25b40a39ba947

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 4491f677b159939aafd3462cd45568ec.cloudfront.net (CloudFront)
x-amz-version-id: WCNPA.TRYD.sHJEki9smEniXCEFjOGWM
cf-cache-status: HIT
age: 18063
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=59373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56965
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 22:13:10 GMT
server: cloudflare
etag: "33994477f4f5596697a23d6a4ccc6fab"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723495e8da2-MIA
x-amz-cf-id: M9FjTua0g-1j52DZufIBmC5pbhJoWQXB5iMJ0_8vK-Yc45XFL3cmoQ==

GET
H2 200 7448658_web1_North-Huntingdon-police-car.jpg
assets-varnish.triblive.com/2024/06/ 54 KB
54 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448658_web1_North-Huntingdon-police-car.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb390d9ec76311b4278dac158f9f636853bc77a6f4d4b0762e8b44d84723c5ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 e763a229a66d7c303966816658a2f986.cloudfront.net (CloudFront)
x-amz-version-id: 6ILS4PZPlr0nCZ9GfQ87wi218WvIHnBU
cf-cache-status: HIT
age: 14286
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=57018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55003
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 23:19:35 GMT
server: cloudflare
etag: "d7e425a26a210939f8ddeac7cc93cae8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72349618da2-MIA
x-amz-cf-id: VeqR6n_sr6Z_nF0kCv-cFyDVCeYHMlgxJsZC-rIdSnUVoQ9JpzdtFw==

GET
H2 200 7446847_web1_HER-AspMeetingVids-062724.jpg
assets-varnish.triblive.com/2024/06/ 36 KB
36 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7446847_web1_HER-AspMeetingVids-062724.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86eafef69aa7f8de7be2564f5c01e107e3dd86993e3603eea9d4df2ebe79c6d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 a3d81350f207075a8a67e8d7ae50f6de.cloudfront.net (CloudFront)
x-amz-version-id: DjDMrx_UNkQ2DTVp.pwcsGI6SphnFIN2
cf-cache-status: HIT
age: 4878
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=37308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36388
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 01:52:54 GMT
server: cloudflare
etag: "d3a01f0f8d2f7e981c1c9a9fcd413b25"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72369858da2-MIA
x-amz-cf-id: 263IDqkEEY5mWkTCu47z1TLqb1weCzvpdisGDg2NB_cTDbzWJ41J1g==

GET
H2 200 7444801_web1_ptr-shuman-082521.jpg
assets-varnish.triblive.com/2024/06/ 53 KB
53 KB 38ms
38ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7444801_web1_ptr-shuman-082521.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2b0d137df8c7cdee13a3ea427d7950d3f2f5ffe652f15a35ff3a46278052b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 96ef33fafb355df015bb2b6c144dad20.cloudfront.net (CloudFront)
x-amz-version-id: 95EItNkfJ3zGK1UW23DkKe66m8Ue9UqK
cf-cache-status: HIT
age: 133769
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=56566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 53856
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jun 2024 14:07:47 GMT
server: cloudflare
etag: "bd3f8b3c99be49a050bc6238e5862e26"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723798c8da2-MIA
x-amz-cf-id: 4vy4dmE3QHkmtLKTcqSTByG-0w2lFVQOKXiqJz6N_O9IGQE0ILlbLg==

GET
H2 200 7447824_web1_web-PoliceLightsZZ.jpg
assets-varnish.triblive.com/2024/06/ 26 KB
26 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7447824_web1_web-PoliceLightsZZ.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71649c7a9b577df0d23d604e8790430445a5d9f7b313c28fa05a2cc1f69e0551

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 6eab87502250913ab33482bd1eb3f5b0.cloudfront.net (CloudFront)
x-amz-version-id: g1kakkY2t_9ETBge5ZlK.XONqPfgRZ6Z
cf-cache-status: HIT
age: 46564
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=27346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26515
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 14:17:19 GMT
server: cloudflare
etag: "55a71df76448f3c6a3bea5972530dfc4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723798e8da2-MIA
x-amz-cf-id: 7XWmbBxbG6Rv8RqHj5eCBHigf_fNtnx1AfUJGpPZrkKUk_SPJcVBZA==

GET
H2 200 7447916_web1_7447916-d191d785eb674a768d5c234d9c5e5a14.jpg
assets-varnish.triblive.com/2024/06/ 15 KB
15 KB 44ms
41ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7447916_web1_7447916-d191d785eb674a768d5c234d9c5e5a14.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7333122b15217620584bc0eb575f8b53552111c36b150c507d7d2dfd21fee4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 31c012f55b66639eccbd2d9914d97f34.cloudfront.net (CloudFront)
x-amz-version-id: RQoCqhzot0sV9I8S3f8AXZw9Joe68N9_
cf-cache-status: HIT
age: 42377
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=16777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15067
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 15:29:08 GMT
server: cloudflare
etag: "ea332bab025b80b3554aced4135d75ee"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72399ab8da2-MIA
x-amz-cf-id: yiHRIsGbnp4xncOtMaxd1rlaWaiCqPw2uUOWF6zSO8HVD3fKw0q96w==

GET
H2 200 7446005_web1_gtr-WillsAppoint2-092123.jpg
assets-varnish.triblive.com/2024/06/ 50 KB
50 KB 43ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7446005_web1_gtr-WillsAppoint2-092123.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84118fa5c9f27283692d0fb0bd058fc1a3c105a1bc8045e2a82ed19d52de237c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 f27d77f5cb464d2f833e73d78c3c2ccc.cloudfront.net (CloudFront)
x-amz-version-id: 1mXo0w6TIIf6dKcxs5sIE2YoxtAsG_oV
cf-cache-status: HIT
age: 65787
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=51778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 50729
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 09:01:24 GMT
server: cloudflare
etag: "c63e5b5da63331dd447d4d95a2905783"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72399ac8da2-MIA
x-amz-cf-id: nOmLqxTVzlvgmaGpq4qqlhOgAAgnanwrR356M0Hfr7Non9xc-RN0bg==

GET
H2 200 7449497_web1_7449497-1856deac17b94fac8583a2b678de484d.jpg
assets-varnish.triblive.com/2024/06/ 52 KB
53 KB 43ms
42ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7449497_web1_7449497-1856deac17b94fac8583a2b678de484d.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8eaf92e36a2407761a5345e0abc55f3bcf0e4bcd9262a1d24df3f03c7b992a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 873ea86a53e828bcd9ffd511bda586c8.cloudfront.net (CloudFront)
x-amz-version-id: YZZHOuA_I8PErK7qEUzQjQrrvLfE7ZpB
cf-cache-status: HIT
age: 149
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=55329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 53469
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 03:11:43 GMT
server: cloudflare
etag: "52f792e6e6cefd012788694a9eea5730"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a72399ae8da2-MIA
x-amz-cf-id: vfM2Ly48p6nvDYEHv-3z3fBogYrXjuX7hjtPZJqXIFM3vlI96-eS5A==

GET
H2 200 7442089_web1_ptr-LucindaWilliams1-061424.jpg
assets-varnish.triblive.com/2024/06/ 29 KB
30 KB 41ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7442089_web1_ptr-LucindaWilliams1-061424.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb2e3f9f35d24d83b2dd7c57453282a8cefd8a4a996e6b6f5f67f2285725c2f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 f7622d34f14a4da761ccec4819140f94.cloudfront.net (CloudFront)
x-amz-version-id: ar0XHWTuAEbFeCXp6MmlCPqEfPLL6O3N
cf-cache-status: HIT
age: 130150
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=30615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29992
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jun 2024 15:05:22 GMT
server: cloudflare
etag: "edfba6e4afb1017e2d49a5198a5c873e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723b9d18da2-MIA
x-amz-cf-id: rA7dhtpCM7KKfx7qaAuI5OIZRqHDMJzUH_HZyZWk_dK4l8V-vAoWMQ==

GET
H2 200 7444811_web1_7444811-fa9f0fb62bc042fbb953b21551f9c29c.jpg
assets-varnish.triblive.com/2024/06/ 27 KB
27 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7444811_web1_7444811-fa9f0fb62bc042fbb953b21551f9c29c.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3154300b6000424ff182221a9bb440cbb029c768e4e0de4ab7d2cb09ce2f02cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 6244b0c96d0f84618b18e0eae633c140.cloudfront.net (CloudFront)
x-amz-version-id: 4XQE9VaoVaEDkNv84tHiWKo1xir2.t2n
cf-cache-status: HIT
age: 134213
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=28472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27141
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jun 2024 13:59:38 GMT
server: cloudflare
etag: "be42df14f53629a6a12a9f907301706d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723b9d38da2-MIA
x-amz-cf-id: MYkGqJmCEcfQe-jea7Tpd9uUQ40XgmQoGlsHLepPUfiFywuWFjm3KQ==

GET
H2 200 7423256_web1_ptr-ViewingTip1-06162024-HouseOfTheDragon.jpg
assets-varnish.triblive.com/2024/06/ 69 KB
69 KB 42ms
41ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7423256_web1_ptr-ViewingTip1-06162024-HouseOfTheDragon.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf768e515e34c57aab6d7507d1192dbd63bd1b4af751275e41d823286f64c7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 ca36547e4c089cf7a033b5970c38e816.cloudfront.net (CloudFront)
x-amz-version-id: c6_yOs0T6I9uLG.JPUoSuefVg8uC9MCM
cf-cache-status: HIT
age: 145076
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=72638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70622
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jun 2024 11:00:07 GMT
server: cloudflare
etag: "e448de2be02996ddafca24a74f6fa8b1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723b9e08da2-MIA
x-amz-cf-id: tPOcJXe4WswH7kY0QzcahFlQNxfGi1kNp8_f7VqNJaTS8shdO92wYA==

GET
H2 200 7397560_web1_part-bellaSummer-061324.jpg
assets-varnish.triblive.com/2024/06/ 54 KB
54 KB 43ms
40ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7397560_web1_part-bellaSummer-061324.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3e965f1eb56e21e206d5ee74366f5d53cd187cbed9971258eedc74d8560d52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 873ea86a53e828bcd9ffd511bda586c8.cloudfront.net (CloudFront)
x-amz-version-id: WQQZfHth8d2YKZ6.kwI2ib8L7165BUjc
cf-cache-status: HIT
age: 234718
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=57692
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55405
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jun 2024 10:01:23 GMT
server: cloudflare
etag: "9b6165ab0ac0930f29b88da7548d7f98"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723da1e8da2-MIA
x-amz-cf-id: kdOq07NzhSAFT4hh7uMFb2XTUcrlDQ8iuYi6vpFiWEJ33qA5oJPrPA==

GET
H2 200 7446851_web1_6456362-7b87333e04c242028910c7c95a57a1cc.jpg
assets-varnish.triblive.com/2024/06/ 37 KB
38 KB 45ms
42ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7446851_web1_6456362-7b87333e04c242028910c7c95a57a1cc.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f648e600f33f7e29ec39bd4d1d8ff5ecdea49742c4a2700d192737b812b547a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
via: 1.1 0ccbfb6540bd7c32dd0a28eee84ed060.cloudfront.net (CloudFront)
x-amz-version-id: LOwWBkX5ttBem381oXqDmD.xtgmGL_37
cf-cache-status: HIT
age: 98616
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=40386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38160
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jun 2024 23:49:27 GMT
server: cloudflare
etag: "db3ad1a724cfec017d242b0b75aa64fe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a723da218da2-MIA
x-amz-cf-id: gJLYHH5RTV4_hkGXzCBdhSCrxrKteGkaPGzF1xuYQ121kBMOJ4Tdog==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D94D 0
0 237ms
119ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF2E 0
0 357ms
120ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1626 0
0 476ms
119ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D26E 0
0 593ms
118ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FF3 0
0 709ms
117ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 219ms
64ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&rl=&if=false&ts=1718507909606&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.3.1718507909603.618430016727651186&ler=empty&cdl=API_unavailable&it=1718507909210&coo=false&rqm=GET

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Jun 2024 03:18:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 244ms
133ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&rl=&if=false&ts=1718507909606&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.3.1718507909603.618430016727651186&ler=empty&cdl=API_unavailable&it=1718507909210&coo=false&rqm=FGET

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x54d0a7d9378db56c","source_keys":["1","2"]},{"key_piece":"0x80b158f686a81315","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 16 Jun 2024 03:18:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380935268237525728", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=12, mss=1297, tbw=3133, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: no-cache
x-fb-debug: dt3XRsoAAMq2yPCAF/a2hXkaMTSKnl9P+YV04uKd6jIhHh1GvC13OBuI5xuV5VGJlBRFxsxGOEtoCdgDs7+wTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380935268237525728"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
api.ipify.org/ 22 B
155 B 149ms
74ms XHR
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8947a7245d4325a7-MIA
content-length: 22

GET
H2 200 / Show response
api.ipify.org/ 22 B
74 B 214ms
77ms XHR
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8947a724cde725a7-MIA
content-length: 22

GET
H2 200 b-904ac2d-fcb7f207.js Show response
tagan.adlightning.com/triblive/ 70 KB
27 KB 68ms
67ms Script
application/javascript 18.238.49.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/triblive/b-904ac2d-fcb7f207.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-67.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ac9b61d78eb046b56e45011f250299ebb248dc8267155e9a097250d53246c66

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 07:09:56 GMT
content-encoding: gzip
via: 1.1 7933995c46b01504206ecd6d3dfa5d10.cloudfront.net (CloudFront)
x-amz-version-id: MXxYgwdXUrULzOfsz3khF6HELDm6FQG4
x-amz-cf-pop: JFK52-P3
age: 158914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27048
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 16:00:11 GMT
server: AmazonS3
etag: "d360908a3d441f647d99a7b8ef1f5be8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7Y3h1_gjuf_zg7KJpYMLrh_14uZqU6SN-T_e0TVRVr2B5bliagIudQ==

GET
H2 200 bl-4c5f06a-0fc2c0fa.js Show response
tagan.adlightning.com/triblive/ 87 KB
39 KB 116ms
115ms Script
application/javascript 18.238.49.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/triblive/bl-4c5f06a-0fc2c0fa.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-67.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b39fc4afc6004dbae5a2e53bf954704b7970abf48b60542ac04ef94616dcaac9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 18:08:45 GMT
content-encoding: gzip
via: 1.1 7933995c46b01504206ecd6d3dfa5d10.cloudfront.net (CloudFront)
x-amz-version-id: 18WSF2IgucbsdN_9x3zp8vvNRg2GTire
x-amz-cf-pop: JFK52-P3
age: 32985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 39846
x-amz-meta-git_commit: 4c5f06a
last-modified: Sat, 15 Jun 2024 17:52:42 GMT
server: AmazonS3
etag: "2e075fe549961eb6f55e5638790466b7"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9KU9JxU7GR9EFjpYNUljCOx4aZCTaa0m0huy-OUFf-KhcjMiRi0Cqw==

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 219ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 14:02:47 GMT
content-encoding: br
age: 1602942
x-guploader-uploadid: ABPtcPpxAHTnwdBJpNKCrPHBy8la2Hi4v85v7mI9d6V0nh-1zjcKTjO2dq50Qzi1aVfagd755u56O7pdpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Thu, 23 May 2024 19:16:48 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1716491808832240
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST updateSession
cdn.sided.co/embed-assets/embed/ 0
0

OPTIONS
H3 403 updateSession
cdn.sided.co/embed-assets/embed/ Frame 0
0 152ms
88ms Preflight
application/xml 108.139.29.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sided.co/embed-assets/embed/updateSession
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.139.29.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-122.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300
content-type: application/xml
date: Sun, 16 Jun 2024 03:18:29 GMT
server: AmazonS3
via: 1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
x-amz-cf-id: mgCBG6YAqkMJuzf89j5ZiF7xjzGjssHNjtHSGbvL5AcKCUFiZmjbjw==
x-amz-cf-pop: JFK50-P2
x-cache: Error from cloudfront

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.32.20/ 689 KB
193 KB 124ms
59ms Script
application/javascript 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca4ddebc66503acdcdf9584f06df7e2ef6a730307d9700a7cc5d1e20554f84e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:17:31 GMT
x-amz-version-id: WNWczoTEFQkFK.BbjkQezRkCLioQ1H0V
content-encoding: br
last-modified: Tue, 28 May 2024 17:20:02 GMT
server: AmazonS3
age: 59
x-amz-cf-pop: JFK50-P3
etag: W/"51f3faefa76233b67cd3acb207357188"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tp2wC7ZOLb6VyDcEY9NDsP2rEiMgPx4IehUJFFMhIh9UBhj3CfRwPQ==

GET
H2 200 / Show response
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/ 146 KB
146 KB 377ms
377ms XHR
text/html 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 76bf244306d8cd21c0a92a27dff2d373982081082765133743ee5c52138f820f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
link: <https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/>; rel=shortlink
content-type: text/html; charset=UTF-8

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 187ms
56ms Image
image/gif 35.153.26.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=triblive.com&p=%2F&u=CbKmSgDKB_E7BjfibH&d=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&g=66938&g0=Home%20%7C%20Home%2FHome&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6157&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&b=3145&t=DtAurSCvgH02C7-gDGDFaAp0s198P&V=147&i=Home%20%7C%20TribLIVE.com&tz=600&_acct=anon&sn=1&sv=CTZH1ZBXUbIMC0nIgBC3GuK_CNaXN9&sr=external&sd=1&im=061b0fff&_
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.26.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-26-62.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2

200

csw-polyfills.js Show response
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://www.civicscience.com/jspoll/5/csw-polyfills.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

125 KB
0

0ms
0ms

Script
application/javascript

2600:9000:26fa:5200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 2600:9000:26fa:5200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81c263983ccd8fbb85c681d15bd19b34f1afcf7fbc43909e6217fb5615079b1e

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 15 Jun 2024 09:27:10 GMT
content-encoding: gzip
via: 1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 64280
etag: W/"5ffb7349d877e3871d5ed99b2165c917"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IHkiqXIXA6OAZB4PfonfkPrg25GsRKyx0lykhCREN2g3CPxmEZck1g==

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Sun, 16 Jun 2024 03:18:29 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H3 200 publisher_settings Show response
discovery.evvnt.com/api/publisher/590/ 6 KB
2 KB 124ms
59ms Fetch
application/json 18.173.219.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/api/publisher/590/publisher_settings
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-5.jfk52.r.cloudfront.net
Software: / Express
Resource Hash: 4772438aedb8628f28f6d46d2f7c960bd1dbe59e147978220007293e54904d43

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:17:29 GMT
content-encoding: br
via: 1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
age: 61
x-amz-cf-pop: JFK52-P1
x-powered-by: Express
etag: W/"18a4-YXh/4OwQstUbI5/g7JQP7avbyr4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mSY4SkDixcEFMNd14UazJ-Tfj0nkhUEX9cwx78x1hLQOIzB96wx1ZA==

GET
H2 200 jot
www.civicscience.com/ 0
0 171ms
59ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1799450380.2391080898&n=0&s=poll&t=created&d=%7B%22target%22%3A%22697%22%2C%22instance%22%3A%224975cdfb-f5d1-3674-a102-b0dfe3b22e02%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A18%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 317 B
414 B 65ms
64ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=697&instance=4975cdfb-f5d1-3674-a102-b0dfe3b22e02&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507909982&callback=jsonp_1718507909982_85700
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: b007d08336cbab51c2bea5ad4af136decdd0148f180015ad17005d7173070579

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 jot
www.civicscience.com/ 0
0 168ms
58ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1573934096.2944634962&n=0&s=poll&t=created&d=%7B%22target%22%3A%223c059610-d0fb-87f4-a925-25a361f2f72e%22%2C%22instance%22%3A%22civsci-id-599317404%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A30%2C%22cy%22%3A6151%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 329 B
423 B 71ms
71ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=3c059610-d0fb-87f4-a925-25a361f2f72e&instance=civsci-id-599317404&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507909984&callback=jsonp_1718507909985_36205
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: f12b79d7404cc2fd5eae9cb8f473ef529abecda97ee2a07fc03983a082514404

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 main-v2_e3c047536bdaca2c8911cb1f6f6d8aa7.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 497 KB
109 KB 38ms
37ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_e3c047536bdaca2c8911cb1f6f6d8aa7.br.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 55ff3437d82bb81bc0f77e66a3a45559857def61b7a4963931a059e2b3251a4b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:12:06 GMT
content-encoding: br
age: 212784
x-guploader-uploadid: ABPtcPpTFF9Mppn02SlKL7u63VX5Yn9Du4T2Tf4Hq2FsIFMM6gd6GS1k4relcaqwzsD7eDpIkw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111168
last-modified: Thu, 13 Jun 2024 16:11:59 GMT
server: UploadServer
etag: "3fbbb0b4a7f4a2d85524c6561ad07555"
x-goog-generation: 1718295119218441
x-goog-hash: crc32c=E4S6Ew==, md5=P7uwtKf0othVJMZWGtB1VQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 111168
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D94D 42 B
65 B 123ms
121ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBLqQxkfcLoHMlyh4bpNChtCQsQnI_7taeFRonTugYgs_x3TWaMQwWeZJfwIVuYMXLobxea3DFR9ZWwLe7HoPf1oqDukjqKriVL9-5x18EVqliWoLUqlcogBWvxW7bHQN1WXv0sgtnx90r5vaiZ6S_goL5GWKiAzwZ2gfXmQ&sig=Cg0ArKJSzEncmBb6vLKOEAE&id=lidar2&mcvt=1002&p=204,799,205,800&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=592247950&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1444070800&rst=1718507908529&rpt=445&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D26E 42 B
65 B 123ms
122ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7OSuHzpgwDlHbinCceLVRI4PYYZilAi_6_kdDsLaalHVhf1XcqPjF0pos3KeplVa-aMXfw_DdOUC725svHBn43FpmNt5Y9E6ROl5myjQnqVS6wL9sWNcQVjUhoxuZ6-TsNdvlu3vxLNwTj4QqVNKPLUFWCPoAAsRGPm4GZQ&sig=Cg0ArKJSzPTi_x7lADQwEAE&id=lidar2&mcvt=1007&p=281,552,371,1280&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3153238195&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1444070800&rst=1718507908542&rpt=371&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1626 42 B
65 B 135ms
135ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvH4g6cEuaSYp_s3aN2liPeEUbdO7UcGyyjino3AruWtLHizCWaxUUAqTJXvM5HVS8pp-f4IvTERTlaEw-PTfZfShKTJ1Xw9BifQyLvtWH1BNXEEgsD4ONtr3yMPsFZE1zuP0OFmU1qHzKuQLXBL6WSZnzc0DjcuDJhBcUJA&sig=Cg0ArKJSzLjNUsgneXHXEAE&id=lidar2&mcvt=1011&p=826,980,1076,1280&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=625904948&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1444070800&rst=1718507908555&rpt=385&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FF3 42 B
65 B 131ms
131ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn2tI30TkRa-hNk6ESASBBh1gA4db20rjweGj1QmRzTkp8cA33hHkhq9DshPc7rHwMBF5pPWrp7RCvtsonIiaFkTzcXfSfCKrb9o4ntiIsXdZ2H_vVkbWOoFJ1_Qqku0490VwstCoo3q-aI-XdOSW34XEX-e_KLHqv4qtIvg&sig=Cg0ArKJSzH_XKiYznINuEAE&id=lidar2&mcvt=1015&p=281,320,371,544&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2079050627&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1444070800&rst=1718507908566&rpt=437&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jot
www.civicscience.com/ 0
0 89ms
58ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1390087491.2740283226&n=0&s=poll&t=created&d=%7B%22target%22%3A%223c059610-d0fb-87f4-a925-25a361f2f72e%22%2C%22instance%22%3A%22civsci-id-599317404%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A30%2C%22cy%22%3A6151%7D
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 329 B
423 B 66ms
66ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=3c059610-d0fb-87f4-a925-25a361f2f72e&instance=civsci-id-599317404&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507910062&callback=jsonp_1718507910063_88602
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 4dc3ce0803ede101d65e8257f6b5cf9c81d939ffb21770a0d7588f236ea3bff8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 1bd5d34e3cb4c76be920.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 71 KB
24 KB 72ms
67ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/1bd5d34e3cb4c76be920.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 22:52:27 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 65901
x-amz-server-side-encryption: AES256
etag: W/"ab6c7c6a4c0562bc0790dbbc1880e29c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: V2GMDLLnIT8qDgxzKeHkVxC4cmxk-SJFhM4cCqzNEb281XnfS9n-pA==

GET
H2 200 0b1ce43b67eebae6e37b.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 22 KB
7 KB 75ms
70ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/0b1ce43b67eebae6e37b.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6696ed43d6d776de48975f4c28e254e10917c6af9e789d85a0747dd0df73b011

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 22:38:22 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 61214
x-amz-server-side-encryption: AES256
etag: W/"4f392753ed293a648f9ee43ae26aab8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GeoKzlWpCGefAxxiQyh0JGaiiz4JivM_XUjBht4munwKp1ZZlluOxA==

GET
H2 200 1015f49f36c26dd0963e.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 33 KB
11 KB 75ms
71ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/1015f49f36c26dd0963e.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1c47b530099b2d4785e3e97e6d84c67a1fef2563fe7499715948fd060a80e68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 22:48:22 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 29456
x-amz-server-side-encryption: AES256
etag: W/"d2864425b91c12c5964886492143258c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M5xIRxhqkuSB4c3djuehw3fZkPdkbVThigNq77k5DtaQAsjKDc8VLw==

GET
H2 200 d58c17a2c028150554d8.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 20 KB
7 KB 77ms
74ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/d58c17a2c028150554d8.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6ea2cc680ddc0c887c4929857d7747a9b4299bb617397f242b010f28a62b4da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 22:29:59 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 62789
x-amz-server-side-encryption: AES256
etag: W/"d430d2b6de792e33f47bbeda0b3cefa3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FUPH-bxMr_KDqxNDII9e2lB9xlWJLqVvYzw4cCUvrhoen8cVaAldvw==

GET
H2 200 cdd9f363fb47df01d098.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 19 KB
7 KB 78ms
75ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/cdd9f363fb47df01d098.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9975060916a688b50ea9378b46c9c0ee116843ec8d4752d0a9fccb08d31766e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 22:48:22 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 29456
x-amz-server-side-encryption: AES256
etag: W/"511c6f35a3e69aa721d3e8521d5759c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _lVHbuRri8sT2Yv2OdyjMLjfC7-EzJex9_VDLZikbqYfos_G-Eftcg==

GET
H2 200 176d2042122838c785c9.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 61 KB
10 KB 81ms
79ms Script
text/javascript 2600:9000:26fa:dc00:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/176d2042122838c785c9.discovery_plugin.chunk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:dc00:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b70f4996d1e5b8428d4b9c55db717d009ccb718e72ff18bb34e64ecc3a524e49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 00:36:49 GMT
content-encoding: gzip
via: 1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 18:37:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 63440
x-amz-server-side-encryption: AES256
etag: W/"12309a8412e8f6686bbc39bc9063c5cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 85EfNKT5YUU5eEJh2FsqydT04tKoyI2fz-U3-C17O6mJcRD7SgoeBQ==

GET
H2 200 target Show response
www.civicscience.com/widget/api/2/ 1 KB
1 KB 71ms
70ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/target?target=697&instance=4975cdfb-f5d1-3674-a102-b0dfe3b22e02&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507910092&callback=jsonp_1718507910092_50041
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: b9e158123f5d70a22c1cb11efe8d5f43217dc38d0b0663157e1af66e4dc142b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript;charset=UTF-8
date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR IND UNI"

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 43ms
33ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 02:04:31 GMT
content-encoding: br
age: 609239
x-guploader-uploadid: ABPtcPosUQOxuMNVTeulzwg86glJPgs0j2qXgI-q2uly2BaMdyLCPqRzrJ9ckVu_ftVu8Aw62pJbnvnN9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Thu, 06 Jun 2024 18:53:38 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1715283867392885
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 ads-v2_ababbfcac9b56e701d1f877082b16c1d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 174 KB
38 KB 44ms
35ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_ababbfcac9b56e701d1f877082b16c1d.br.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a89014356bcf19f60182edae35da2645b5edcf20c541fa30810bcd6968213c5c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:11:54 GMT
content-encoding: br
age: 212796
x-guploader-uploadid: ABPtcPpYkrBl8-s-ABEq2SjKWZ5iufkSNSCEKF91TLwQnTOtpm-wQCzgiAHDDWWALoKM5_cAhTU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39323
last-modified: Thu, 13 Jun 2024 16:11:47 GMT
server: UploadServer
etag: "38837cbc2268f43fa2e6e8f5a8c33fe3"
x-goog-generation: 1718295107414597
x-goog-hash: crc32c=p/FIng==, md5=OIN8vCJo9D+i5uj1qMM/4w==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 39323
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 97e6707556e8c9a5b90a65d8033fa046.br.json Show response
assets.bounceexchange.com/assets/gam/207845991/ 54 KB
13 KB 73ms
38ms Fetch
text/plain 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/gam/207845991/97e6707556e8c9a5b90a65d8033fa046.br.json
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_e3c047536bdaca2c8911cb1f6f6d8aa7.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a59150fba1c64789ac1e0bad98fa1db48fe0f5fe8eba74cc0e51d9d1c2ab69ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 18:05:25 GMT
content-encoding: br
age: 119585
x-guploader-uploadid: ABPtcPq4nTbOqerctqlnw6W3DZR47YVHwlb3JCvTIXyFMdyw8wdNZOzldgp7K2xt-X4n3_6V5Hg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13209
last-modified: Fri, 14 Jun 2024 18:03:18 GMT
server: UploadServer
etag: "609293f558178fafcbccc291ab49980a"
x-goog-generation: 1718388198283722
x-goog-hash: crc32c=vT6HMg==, md5=YJKT9VgXj6/LzMKRq0mYCg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13209
accept-ranges: bytes
content-type: text/plain; charset=UTF-8

GET
H2 200 jot
www.civicscience.com/ 0
0 57ms
57ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1799450380.2391080898&n=1&s=poll&t=resolved&d=%7B%22target%22%3A697%2C%22instance%22%3A%224975cdfb-f5d1-3674-a102-b0dfe3b22e02%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A18%2C%22otarget%22%3A697%2C%22pin%22%3A%22%22%2C%22pinMode%22%3A%22enabled%22%2C%22isMeta%22%3Afalse%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 33 KB
12 KB 124ms
53ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 03:10:08 GMT
server: cloudflare
age: 285
etag: W/"da2426-856b-61af92fa80725"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 8947a7278f6774b4-MIA
expires: Sun, 16 Jun 2024 07:18:30 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 199ms
60ms Ping
image/gif 54.82.243.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=GL0P9KPeEMnyDeiU&instance=038827&version=7.32.20&age=240616&cmd=PRE_INIT&key=vIM6lqgG&seq=1&order=1&vIndex=0&absoluteTime=3510.4&relativeTime=0.2&type=stnplayer&canonical=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&EXTREF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&REF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.243.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-243-165.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 212ms
80ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 03:00:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 03:18:30 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 212ms
81ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 03:18:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 03:18:30 GMT

GET
H3 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 126ms
76ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1494715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UAF6%2FXcKj71OPKKg6q5RrLZBDcYLDTxe9e8%2B72iAoTpNckv1Lua%2FsQpsUFjbbmy%2Bq71HdGw%2B9ruBrdm4QVXtGrws900iDzKU4kVunpwgDapfUxXccY5zk0UTdxs1bAZ9mKQOIe8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8947a727ab2fb3c5-MIA
expires: Fri, 06 Jun 2025 03:18:30 GMT

GET
H3 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 209E 53 KB
21 KB 86ms
44ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 804236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GONCuy%2B2t8C4qzCtYfDx%2BtlipjjxQ%2BC4XgvqOd0vkZsi%2BAEZXOFa%2B1vuRmAgtnXuQdOmApCvVGfoCnfrfrrt7BXmPN9uvI78FchlbiHTqh8rJZttvSaOPI%2B3VYJGtS9Lt5KFtdDd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8947a727ab30b3c5-MIA
expires: Fri, 06 Jun 2025 03:18:30 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 402 KB
138 KB 264ms
84ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141204
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:30 GMT

GET
H3 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.30.0_inline_mm/ Frame 209E 672 KB
181 KB 59ms
59ms Script
application/javascript 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.30.0_inline_mm/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38decf7df40e0a2697b2927061b78a370efee2059686085c39a16e146aaf5a9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OP7BCyIJnYO8CnRqE68D04QaNM6AyJRt
content-encoding: br
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 06:08:06 GMT
last-modified: Wed, 20 Mar 2024 18:41:02 GMT
server: AmazonS3
age: 76225
x-amz-cf-pop: JFK50-P3
etag: W/"fead0eb3720e3154635b447c5433485b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kW-nqAyuBCIn-DeVYlG37Tqf7lMTquROm20fhN7dpYm7PKxGv1Rh9Q==

GET
H2 200 IIQUniversalID.js Show response
mp.mmvideocdn.com/mini-player/ Frame 209E 95 KB
22 KB 251ms
71ms Script
application/javascript 2600:9000:266a:3c00:e:8add:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/IIQUniversalID.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:3c00:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ccbcfe685f4f66143fb324f2d6cea6d2baf0ff52a8afc5ed8d48b73af008add6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Mar 2024 14:34:51 GMT
x-amz-version-id: 0nXcCK5qjvqTItgKck8QiVa7Hp18P0cZ
content-encoding: br
via: 1.1 282af6dbb4c478f6651ee2a13940179e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
age: 8858620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Jan 2024 15:00:45 GMT
server: CloudFront
etag: W/"e30204734fdbefbad4bf9494c129f740"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, no-store
x-amz-cf-id: __GsDI8Za3oYG1BkTTeCzN6LA1CU-4mRns0vbgFZAdnj8eYdUDfHXg==

GET
H2 200 ppid.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 133ms
47ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ppid.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f49d9b3fc829256e2646a160cb393e1e32a0264930821fca464014a116dfb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jun 2024 20:12:00 GMT
server: cloudflare
age: 370477
etag: W/"6668af90-424c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8947a727fb96a575-MIA
expires: Wed, 19 Jun 2024 03:18:30 GMT

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 209E 335 KB
59 KB 60ms
60ms Script
application/javascript 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: gzip
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 09:12:54 GMT
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
age: 65137
x-amz-cf-pop: JFK50-P3
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Csi0SHFwOhyRb6vkUq-ujZ_KXp3Sjq4uVa5uEpxW5T9EejmBPXoF_Q==

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 235ms
58ms Image
image/png 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:03:22 GMT
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 72909
etag: "cb93bb50e5d021cc38de445a672c18a2"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: 9GGaC-MR4JhdmyfqgMalHcHncKuvL3y7z3UxbzQVfLD_daXHo-QelQ==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
637 B 235ms
59ms Image
image/png 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:03:22 GMT
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 72909
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: FCIsFIUGG8zsbLXs3IgsO44D9JHqv2sXDdPb143ynaBPYlzLiqgi7Q==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 236ms
60ms Image
image/png 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:03:20 GMT
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 72911
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: Zcxi1hOjO_9jHR-7s1pKa_EVq-qmwQK3OJdPJzJranuLzk5WXBJ_IQ==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 236ms
61ms Image
image/png 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:03:22 GMT
via: 1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 72909
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: W4AljNjWDldO1wg0iTJBxyH_xG2Ymy5XqLGaJnpDky_9p0ZBx-Ysiw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 209E 308 KB
76 KB 292ms
69ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:59:01 GMT
content-encoding: gzip
via: 1.1 ddeb8679359f033dad405557c487bfdc.cloudfront.net (CloudFront), 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 1170
x-amz-server-side-encryption: AES256
etag: W/"e80b397feb40163ad02c947203471e29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: NBCTm6cXKYz9H3yXVM0qeD31yWNz-CdanJ2IVlBJzBuZ_oaoHQckgQ==

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 37 KB
7 KB 158ms
158ms Fetch
text/html 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=GL0P9KPeEMnyDeiU&instance=038827&version=7.32.20&age=240616&ESG_key=vIM6lqgG&type=FULL&EXTREF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&REF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: Apache /
Resource Hash: ade94da0fbdd2afc8439d9201597967358f4063f98c089c1186f7c05c36072fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 6144
x-amz-cf-id: 2gUdrww_lbwLp3-AdXsKuGwwpS5ZA_nalGsn8zKM2lBrNcsImz9ITA==
expires: Sun, 16 Jun 2024 03:18:31 GMT

GET
H2 200 target Show response
www.civicscience.com/widget/api/2/ 951 B
720 B 92ms
90ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/target?target=3c059610-d0fb-87f4-a925-25a361f2f72e&instance=civsci-id-599317404&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507910365&callback=jsonp_1718507910365_64237
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 386091e2eab50e4f8599e7fd1af4ecd0d25afe596ece27e58a48878f8a122b86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 en.json Show response
cdn.civicscience.com/jspoll/5/locales/ 8 KB
8 KB 292ms
133ms Fetch
application/json 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/locales/en.json?pv=5.4.24
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1483ad1f88a63620e340e12810771ffaa2060d938c962f5ad4323316ecd7907

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
etag: "d84bddc8cd1b0f7cd6b797bb61e78c20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
content-length: 8048
x-amz-cf-id: N0AAQvWxprcDNPLEETx6xJQnFsEu6cf2dtG37y7XBuUAOdKbc777aQ==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
69 KB 82ms
80ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d6f1a4d20fd8c9a46d89a5d1dbc3ead5e33a31933a05c99604b098d03133e862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70140
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4e1251346db872331a84.powered_by_evvnt.png
discovery.evvnt.com/prd/images/ 17 KB
17 KB 71ms
71ms Image
image/png 18.173.219.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/images/4e1251346db872331a84.powered_by_evvnt.png
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-5.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 18:37:27 GMT
via: 1.1 a7c9fe7eb79f698774d5b4dbc632cf68.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
age: 31263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17440
last-modified: Tue, 04 Jun 2024 18:37:14 GMT
server: AmazonS3
etag: "097fd79365bc9c17a0b1ec1596d8c8b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age= 31536000
accept-ranges: bytes
x-amz-cf-id: Y-IvV9RxJLBb9IfrRFzKadm5z9IqkRoQ3Mg3xoYhuZs7BJHziNv7Gg==

GET
H3 200 widget_events Show response
discovery.evvnt.com/api/publisher/590/ 155 KB
23 KB 70ms
70ms Fetch
application/json 18.173.219.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/api/publisher/590/widget_events?hitsPerPage=30&multipleEventInstances=true&publisher_id=590&widgetNumber=30
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-5.jfk52.r.cloudfront.net
Software: / Express
Resource Hash: b1ae86c573ab73a2175b2360b85aaa3c722bf1cef18920e5f5eaca4256f3fee7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:07:41 GMT
content-encoding: br
via: 1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
age: 649
x-amz-cf-pop: JFK52-P1
x-powered-by: Express
etag: W/"26d77-9oEUyfwCSnyWa50ZHzOM1uUVIdU"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900, stale-while-revalidate=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iuYqvBbOPtX79uEbvm93RAPB1ZMCQHbiiDAQOpiPZTrbdcciB7XxPQ==

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
300 B 204ms
79ms XHR
application/json 44.208.97.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.208.97.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-97-87.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
date: Sun, 16 Jun 2024 03:18:30 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 2
vary: Accept-Encoding
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
594 B 177ms
57ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: dc7a702cd54df304f322f5e65b4c0d2b310a53e89c298a5d897095b820902315

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 16 Jul 2024 03:18:30 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
306 B 155ms
75ms XHR
text/plain 34.107.165.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.165.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 7789 0
0 101ms
32ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 1204297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 04:46:53 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Thu, 30 May 2024 14:18:28 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1717078708733378
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPqyXrXnNwnbEyJhxA19mmepxLcY1MfzdDngw6aRVD22z9czr7QFbpk2qiZ9O4GaN2nOy50myhGapg

GET
H2 200 jot
www.civicscience.com/ 0
0 58ms
57ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1390087491.2740283226&n=1&s=poll&t=resolved&d=%7B%22target%22%3A3405%2C%22instance%22%3A%22civsci-id-599317404%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A30%2C%22cy%22%3A6223%2C%22otarget%22%3A3405%2C%22pin%22%3A%22%22%2C%22pinMode%22%3A%22required%22%2C%22isMeta%22%3Afalse%7D
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 190ms
61ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:00:31 GMT
x-content-type-options: nosniff
age: 292679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:00:31 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 209ms
80ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:04:15 GMT
x-content-type-options: nosniff
age: 292455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:04:15 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 55ms
55ms Ping
image/gif 54.82.243.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=GL0P9KPeEMnyDeiU&instance=214038827&version=7.32.20&age=240616&cmd=GET&key=vIM6lqgG&c_id=6108&seq=1&order=2&vIndex=0&absoluteTime=3945.3&relativeTime=435.1&type=stnplayer&canonical=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&EXTREF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&REF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&playerCfg=BR&playerType=BARKER&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.243.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-243-165.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 hb2lc62pbjlvcti94tzw132y4durum24.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 28 KB
28 KB 259ms
141ms Image
image/jpeg 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/hb2lc62pbjlvcti94tzw132y4durum24.jpg
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac95ff92685ed7c73397ea600962bbe626f20b9222ed69fe3dfb588686499a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28558
last-modified: Sat, 15 Jun 2024 06:20:18 GMT
server: AmazonS3
etag: "0ccf241990de9730f4be9c50df6d2d4a"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 11ZHliR4CLMxxFYTmLKFmpuiZRw_NPUM7Ep2uywd1Ig4IQTIzo0LCA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 55ms
55ms Ping
image/gif 54.82.243.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=GL0P9KPeEMnyDeiU&instance=214038827&version=7.32.20&age=240616&ldt=API&key=vIM6lqgG&c_id=6108&seq=1&order=3&vIndex=0&absoluteTime=3951.3&relativeTime=441.1&type=stnplayer&sm_id=3683614&visiblestatecd=O&soundcd=OFF&alt=0&sC_ID=4731&load=1&status=DVFNSNOY&ac_id=2010&api=float&float.float=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.243.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-243-165.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0_7.29.5D.js Show response
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 211ms
58ms Script
application/javascript 108.138.106.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0_7.29.5D.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-33.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://embed.sendtonews.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DG7VdSjLO9QYldP.wpgsjonv8VAEuGHw
content-encoding: gzip
via: 1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront), 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 08:04:11 GMT
x-amz-cf-pop: IAD61-P3, JFK50-P3
age: 69260
x-cache: Hit from cloudfront
last-modified: Tue, 09 Jan 2024 22:43:09 GMT
server: AmazonS3
etag: W/"0ed2a0e0564292e4148668aa0dd61b76"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: FcaTG_GkzCulUVx7tm0Z6EhndN_sOv8R-1oy37iHcneH9svkM0Um9w==

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 3 KB
2 KB 89ms
88ms Fetch
text/html 108.138.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=GL0P9KPeEMnyDeiU&instance=214038827&version=7.32.20&age=240616&ESG_key=j4Octnn5&type=FULL&EXTREF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&REF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-50.jfk50.r.cloudfront.net
Software: Apache /
Resource Hash: a7df8397989bd64872d168997c35c2a529ca825b87b897ca6c4351d8ee0d2843

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: gzip
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 989
x-amz-cf-id: 59lrfUd9hURi2Z9q2WBe47kslycH12nYjLqwLst3vyrH7Gt8TpxxoQ==
expires: Sun, 16 Jun 2024 03:18:31 GMT

GET
H2 200 featured_BossLevel_sq_mur.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/2175107/event_image/ 8 KB
9 KB 383ms
211ms Image
image/webp 2600:9000:26fa:a400:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/2175107/event_image/featured_BossLevel_sq_mur.webp
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:a400:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a05f9ca31cb57578e6200a42d680ff324682d2e0c0e78da2dfeda2140f42153

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 14:52:55 GMT
x-amz-version-id: LFEVJeScxamOYlSpF2onzxE4jaOWpUUc
via: 1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 18:05:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 7302336
etag: "e3d6c7181138ad8277636dc7b36bdcdc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 8464
x-amz-cf-id: nqo9vsoNJS7BXdeNTeJjpl4L4yqn1w5-vNmxWjxY8bbl_vYB08FHjg==

GET
H2 200 featured_Bachman-FB-4.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/2305521/event_image/ 21 KB
21 KB 235ms
64ms Image
image/webp 2600:9000:26fa:a400:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/2305521/event_image/featured_Bachman-FB-4.webp
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:a400:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66a1f8600190f0d61de992407b1f19f713810f1b1c6d573089c07a25477c80a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 20:41:20 GMT
x-amz-version-id: AjYPBQ0DlCSTXKs4pKF1oHUtTbIvJCNE
via: 1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
last-modified: Fri, 31 May 2024 21:04:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 1233431
etag: "b41954e0f0ce15bbdba516badbee3923"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 21356
x-amz-cf-id: 5KwirIkzNx-6STq_f9ZNJOvc2x5IOhk0pGIcOyzo2_4BSKxuQ8GyoA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
96 KB 77ms
76ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dfe92655b5b80e6c14a402eb69200bce796fdb22f0c06fdb7dbdb96fe6b311a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 03:18:30 GMT

GET
H2 200 en.json Show response
cdn.civicscience.com/jspoll/5/locales/ 8 KB
0 0ms
0ms Fetch
application/json 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/locales/en.json?pv=5.4.24
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1483ad1f88a63620e340e12810771ffaa2060d938c962f5ad4323316ecd7907

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
etag: "d84bddc8cd1b0f7cd6b797bb61e78c20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
content-length: 8048
x-amz-cf-id: N0AAQvWxprcDNPLEETx6xJQnFsEu6cf2dtG37y7XBuUAOdKbc777aQ==

GET
H2 200 Community_ads_-___300_x_250_px_.webp
cdn.prod.mktg.evvnt.com/uploads/promotional_asset/image/74/ 118 KB
119 KB 226ms
123ms Image
image/webp 2600:9000:26fa:a400:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/promotional_asset/image/74/Community_ads_-___300_x_250_px_.webp
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:a400:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cecf419eb9c068b6a4da39eb0e34613c07cded242400eb97467da889de2b6ab9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 14:42:22 GMT
x-amz-version-id: YvCoG0VgD9grJ5jZTQnNPIPlTAaynhbb
via: 1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 14:04:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 7302969
etag: "4da0c8a357d5728d1f308ea6f47c14d1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 121114
x-amz-cf-id: JjN5LYHiz6iWLQmMLjPWwHV7tQ0pD2Vp6eFmQ7_B1PE6wClnighb5w==

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 15 B
40 B 121ms
121ms XHR
application/json 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-xss-protection: 0
expires: Sun, 16 Jun 2024 03:18:30 GMT

GET
H2 200 361603016121467666d32ce705c22.84660816playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 303 B
873 B 136ms
136ms XHR
application/x-mpegurl 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/361603016121467666d32ce705c22.84660816playlist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 248c4fe6809000f8733491af1d1030629071dd35a9ec6613a8e1df244cad725d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 303
last-modified: Sat, 15 Jun 2024 06:21:47 GMT
server: AmazonS3
etag: "3a587390e0736b2a87984e1137175259"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 1cvUb_Fdh00HoJjYTSxei5CgRe7ysrheGKaBN0WoMVzQ3z5pGbsrgQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 55ms
55ms Ping
image/gif 54.82.243.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=GL0P9KPeEMnyDeiU&instance=214038827&version=7.32.20&age=240616&cmd=IMA&key=vIM6lqgG&c_id=6108&seq=1&order=4&vIndex=0&absoluteTime=4131.2&relativeTime=621&type=stnplayer&EXTREF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&REF=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/&playerCfg=BR&recoveryMethod=NONE&imaVersion=3.646.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.243.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-243-165.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 bridge3.646.1_en.html
imasdk.googleapis.com/js/core/ Frame 56AD 0
0 187ms
62ms Document
text/html 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 280385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 256657
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jun 2024 21:25:26 GMT
expires: Thu, 12 Jun 2025 21:25:26 GMT
last-modified: Wed, 12 Jun 2024 21:22:21 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 216ms
75ms Script
text/javascript 2607:f8b0:4006:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 03:18:31 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5CF3 40 KB
14 KB 60ms
59ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 16 Jun 2024 03:50:13 GMT

GET
H2 200 csw-frame.5.4.24.js Show response
cdn.civicscience.com/jspoll/5/ 4 KB
2 KB 186ms
61ms Script
application/javascript 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.24.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53944826d87b2ae7dd3972d86f3ec63c40c85f45ab802c42ca1b5dc5b0b84841

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:45 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 45647
etag: W/"0bfb6edb31c3db8e756a3342355566f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lrhqCSp1zqJKdobKsA8HMb9ceaAnMWB8v38T_qpaSlFad4jJSxERsQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 209E 6 KB
3 KB 205ms
87ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bZRHbOIlPArXmLMfDzt5a5Bn0hTVsIWTY0FLjCZhBJphlfdjtAXecA==

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame 209E 563 B
829 B 192ms
58ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 96233ad096f801ed1be61fd9e1e0f2300d0f8a78c13cbf8d59c7ea85d3104866

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:12:25 GMT
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 366
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 33uGbkgVVO9BkSf3PKqt2dbMAyTFx5Ef78tUcuBQCagWNhhbjAVxVw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 209E 2 KB
2 KB 71ms
71ms XHR
application/json 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:30 GMT
via: 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1764
x-amz-cf-id: fT-lHLH3xCsth7PEjgNmcHQdNIEmoJc_iuwCbaLF4OAlJXsv_nnLuA==

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 3 KB
2 KB 169ms
86ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=548&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AOAVgAZCBOffCuzYALxCgDYKLMB3AUwBGOVMD4B9VABMoAZhnUSmAE58cIADZw0GApwoAPfACYuyvjD5KVSqNgCG69agQBzMXCXqoAC2DAADjgApDIAgkFGAGIRkQC2qFYgSgC0OMB2SADWAHQCsQCOYEguPMz+ktlwOMl8dmnJRtl86nVoSAK1CGkOOUggsTGYAG6owsBifSCZqHxQQYQAQhFG6v7LIeFGRr4BwUZkYRFkUUdR8Ykp3Vm5BUUlZRVVNa0NTS1pqO2d3eq9-afRLYRADCyyU60OQKBhAAItgQFMZnNFstJFIIZsjDJCAAWdhY-A4kjEGQMCjsMg0dZGUFbEaSDFEUiUGj0BQyHFkHHzOFDOxKHAAbUkMH8YiUAnUICyAF0oAgQOMVHZJABPYb8oX0vggMQjYSSvhymAOHB8DUCwXa3X+Fqq5wuY2m82TabiUC6lpKFyzE3qM2YAT+KDcPgBKCCmWYfzAPDw2K21B2ZDiGAtFy2IbeOxQIA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 575c495c2f29e05efa11b5fcf472e4cd5a63ef7ba9f404460434fffc1d02d9b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 google
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 23
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 361603016121467666d32ce705c22.84660816base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 713 B
1 KB 184ms
182ms TextTrack
text/vtt 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/361603016121467666d32ce705c22.84660816base.en.vtt
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e3c36359d0ec20dd525d3d88079caf97811953d34c2ddb75e04d5d489f0db77

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 713
last-modified: Sat, 15 Jun 2024 06:22:25 GMT
server: AmazonS3
etag: "50d450c66334a039137d463db40d9090"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: UXza58BvkB3kAWhvYGyxtjvu5qllY9Ljjjof1IPBk3Xa-kcMSzBqAA==

GET
H2 200 questions Show response
www.civicscience.com/widget/api/2/ 1 KB
931 B 285ms
285ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/questions?target=697&instance=4975cdfb-f5d1-3674-a102-b0dfe3b22e02&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507911019&idx=0&backupAlias=local%2F3987217005.2568836703&callback=jsonp_1718507911019_38428
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: c64ff2bafde456b1f4e622adf2a7c3ee4d2c7ed2a96aa953b0f419fbe236e3bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 361603016121467666d32ce705c22.84660816.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 342 B
912 B 80ms
80ms XHR
application/x-mpegurl 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/361603016121467666d32ce705c22.84660816.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 010822c1a82b3f24bb53c64dece0d88d36790bdfcf82e284cb41145edcb6cc38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 342
last-modified: Sat, 15 Jun 2024 06:21:47 GMT
server: AmazonS3
etag: "75334382098ae0f2b2499571e08eef82"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: J6qtOW5Bk5hYBx3lsBlPsb6cQh1mKdPejxEONACyw09zk1tCYVIbfQ==

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 76ms
75ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je46c0v873737409z8857454493za200zb857454493&_p=1718507907879&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=823291055.1718507908&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718507911&sct=1&seg=0&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&dt=Home%20%7C%20TribLIVE.com&en=page_view&_fv=1&_ss=1&tfd=4327&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jot
www.civicscience.com/ 0
0 58ms
58ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1799450380.2391080898&n=2&s=poll&t=viewable&d=%7B%22target%22%3A697%2C%22natures%22%3A%5B%22question-reporting-enabled%22%2C%22compliance-first%22%5D%2C%22instance%22%3A%224975cdfb-f5d1-3674-a102-b0dfe3b22e02%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A18%2C%22comp%22%3Afalse%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 209E 54 KB
17 KB 256ms
58ms Script
application/javascript 23.201.174.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-174-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 16 Jun 2024 03:33:31 GMT

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ Frame 209E 16 KB
6 KB 48ms
47ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684eb7f5943ee1b4635fa80766c33b94b0468838e94ff7b4cbc1e9ca6b138dcd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jun 2024 20:11:46 GMT
server: cloudflare
age: 370489
etag: W/"6668af82-4037"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8947a72cba79a575-MIA
expires: Wed, 19 Jun 2024 03:18:31 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 209E 56 KB
12 KB 122ms
38ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&ref=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&_it=amazon&partner_id=454
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 13
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8947a72d3aaadac9-MIA
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Fri, 21 Jun 2024 03:18:31 GMT

GET
H2 200 361603016121467666d32ce705c22.84660816-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 461 KB
462 KB 159ms
159ms XHR
video/mp2t 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/361603016121467666d32ce705c22.84660816-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1874f4047ddd46cd610b128f9d39a22263514c68cc2f70a081cc6bd2f63ff402

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 472444
last-modified: Sat, 15 Jun 2024 06:21:42 GMT
server: AmazonS3
etag: "873d90f931046e528fda0151bcdc272f"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: IJSHzE48tAdzsxqCS-N_HSEdWaf4SPaA67Yd_4tE7RawDSEQy7ClCQ==

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 4F34 0
0 108ms
46ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 589
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8947a72d78a8a582-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 03:18:31 GMT
expires: Sun, 16 Jun 2024 07:18:31 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B82C 0
0 195ms
58ms Document
text/html 23.56.163.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=167644
content-encoding: gzip
content-length: 5492
content-type: text/html
date: Sun, 16 Jun 2024 03:18:31 GMT
expires: Tue, 18 Jun 2024 01:52:35 GMT
last-modified: Wed, 05 Jun 2024 06:37:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 96A3 0
0 251ms
61ms Document
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Jun 2024 03:18:31 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 contextual Show response
contextual-analytics.wunderkind.co/api/ 99 B
299 B 191ms
112ms XHR
application/json 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&website_id=3398
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: a0664e990cd11b5424359189a98d6a4999f20e455d1cd1423344ab4827cd5fb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99
content-type: application/json

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
215 B 59ms
56ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJalUWItYdAGUUADMUJBAneld3VQAyUAgYJAQK5A6kHBbwKGgKPh40U3QEWCRSHDTISFNhanrjGno6NboskCRMpABaMEgURMYbLIBHACt4tAEiU15GeH2EFCP96kYECiOQeJsb0wRxQpAijHi2U2tH6bWgHTABFIsEgIAImF0OEkqmYzFhgwRSJRaMwAE8sTo8a1BvF4JBssBqiAUDZLGAcJQXNpqLwKqYAPpIVkERI0ajyVbUaiYAiQQVvXiksUhMWgXgIAj86ms3LiuSS6hVUiIZXUUJStUa-kWFCk0bK-Vio0mqWcgAi+JgkIIERACA5XLFvBAvAdBtc6lU1DkknUAA4XJI5MxpKp6C4AJym83UNVhySJuP0ZiZyRluTqZjFlVSirASD5wvF0uSGvUFAEMMlHOkUxhsVzBZLFbQ6HbXYEA4g07na63e6PZ5gV7vSCfb6-VEAoEgsEQqHLDaus1i95dtvAUzAfNt0Oux1Su-ik9SpD94-PnPxeuNyRFksZmWbYQE+Er7K2L7UGg8RvvexgZlmkFZOekGkD+cEFn+zaARBObXnBnJKC4bruk08DIBM2DQDYmRCMgODpJkORkYgqAYFRwDIBA6IUoUMj8SxFHsTANqQBUk5ZDgKj8EIUh4uRbFYDA6qgPECCQKSpj+uqYARPSphNLSRzZMg0BpO8kKYJxSCQAgvA4HiGAENAkKwNgSCkpC6o4AAqqUTROS5BBuZAHleQgci+aUxgBRqQUhR5mAoDkvmYFAdlsKUxy2WAsXOR0aAkjgtABHl8IIIV6JJSltCkJOIYoGV8RQOSeDMtsZWmAQu7hTgcjJn+TXoqimBKb1IgxVkBDeXiAi2G0CAhn1cgZnGnpLZh-4tkmlbFk0Kn-It9kRlGMbxomA3MGmmZNOMGCgAgAgbU0iAXLAWBqUteLxOESmojkIJZKYWJNgBZaSBmciGb92AoKYIDWdxmA4McaBQwdak4LwTSQGkOy8Na1QafyxmKfywZgCylj2c6CA40QBA4DieKIlMmNzTYTSUbgClAA
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
108 B 60ms
57ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAtjKqgPaoC0huIAxgNYA6AEYMAjgCteYeAC9gAE0HJCHCCG4cqgiOg24YvYeoB23EOiG9WDegDJQkWAkS8VuG1BCoYIYeghCTGIAdgAhaioFADNgAH1Uf1YBSLJKKioTVlwE9QUAT1SqAGFI2AUIVjjYQhh-CFSKSOiLQgaM6lKM8sq44D18mBMwRvSqFvQ21JCAEQdwaDgka1Z+OFrZCEwqABYqeacl1xAsk0MLHHwiNPp6JhZ2Lh4BEXEpGXklFTV9LR09biGYwncyWQTWWy0A6LFwrNYQOIeKp6VCQTATNrQ5zLVirOCI-LALakfqELFHOH4jZbABsAA4QnYIcBXAxgJgAAxMmws3C8aKc7lslCEdlc5mIMDAMV2BisCqC+AQYS1XAQGAKTCkUgATjpdhqMAMmoAjCETXSAKwckI6k320g7DnWuwVWC8dWa0ghHY0qikE07Bkm0gck0cmmW23khAazAmuxtMTICAmD1xhO8dBwEz4GAMQI8Nnx81Wm12+06mlM7OpnjAGBQCCoWqsEyYHhgUiuxYezAKOy4bDMBR9by4fJxbjsBZxBQwQh+AKajEQQeyViYGkcrmEVhoPtK4R2Ba5zAqZtAA
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/ Frame 209E
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0&b=1&g=cpyDI3GJmFkml6%2FzzDUVMbnnNFiOZZBdD3F9Z7nN3Fw%3D

42 B
138 B

57ms
56ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0&b=1&g=cpyDI3GJmFkml6%2FzzDUVMbnnNFiOZZBdD3F9Z7nN3Fw%3D
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 16 Jun 2024 03:18:30 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
location: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.11.0&b=1&g=cpyDI3GJmFkml6%2FzzDUVMbnnNFiOZZBdD3F9Z7nN3Fw%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 csw.5.4.24.css
cdn.civicscience.com/jspoll/5/ Frame B0BB 114 KB
16 KB 71ms
71ms Stylesheet
text/css 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Requested by: Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28f8f9ce159acd9cf12c04f5f3573df026df8a4ee068911955966b479be43d3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:44 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 53073
etag: W/"57498f8bf41f41f5a82e1060557385e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: OmpgDyk1vqmEcvaICvcbkXW_vvK154omfGSjpByE-zxusKI5Pejj2Q==

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame 209E 105 B
267 B 77ms
76ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&url=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&ref=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&_it=amazon&partner_id=454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3eafba1f0582fadb4c358ee62a12689984c3157c1f16636e5c0a1ce80745ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 8947a72e9c417476-MIA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 171ms
76ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&url=https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8947a72e1bd07476-MIA
content-length: 0
content-type: application/json
date: Sun, 16 Jun 2024 03:18:31 GMT
debug: OPTIONS block
expires: Mon, 16 Jun 2025 03:18:31 GMT
server: cloudflare

GET
H2 200 csw.5.4.24.css
cdn.civicscience.com/jspoll/5/ Frame 9D33 114 KB
0 66ms
66ms Stylesheet
text/css 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Requested by: Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28f8f9ce159acd9cf12c04f5f3573df026df8a4ee068911955966b479be43d3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:44 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 53073
etag: W/"57498f8bf41f41f5a82e1060557385e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: OmpgDyk1vqmEcvaICvcbkXW_vvK154omfGSjpByE-zxusKI5Pejj2Q==

GET
H2 200 jot
www.civicscience.com/ 0
0 57ms
57ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1799450380.2391080898&n=3&s=poll&t=templates&d=%7B%22target%22%3A697%2C%22natures%22%3A%5B%22question-reporting-enabled%22%2C%22compliance-first%22%5D%2C%22instance%22%3A%224975cdfb-f5d1-3674-a102-b0dfe3b22e02%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A18%2C%22comp%22%3Afalse%2C%22st%22%3A%22EVPP%22%2C%22stg%22%3A%22EVPP%3BEVVP%22%2C%22session%22%3A%221b74de80-2b8f-11ef-95e1-27596e678e72%22%2C%22locale%22%3A%22en%22%2C%22alias%22%3A%22cookie%2Ff6e435b6cc43e913c4b42ab7512c0d6a%22%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 454 Show response
a.ad.gt/api/v1/u/matches/ Frame 209E 13 KB
4 KB 129ms
46ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&ref=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&_it=amazon&partner_id=454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab76521c283290398a2f6b2da0ffdbdd4c23bcd0b712d9cccfd940f585d50eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 03:08:35 GMT
server: cloudflare
age: 190
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8947a72fbc9d2245-MIA

GET
H2 200 csw-widget.5.4.24.js Show response
cdn.civicscience.com/jspoll/5/ 75 KB
19 KB 74ms
73ms Script
application/javascript 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw-widget.5.4.24.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86e99781037de04c8c0570411754e5a0effff49a73ac06ca5414d42f708b7160

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:45 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 45647
etag: W/"64f567ca39481fd287974e4e9d7df459"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: nXjegej0OHpGbN0CVuhC2g9VG4JVF3mSEzM-OL8xhV5e7L8FGT88Uw==

GET
H2 200 361603016121467666d32ce705c22.84660816.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 344 B
915 B 140ms
139ms XHR
application/x-mpegurl 18.164.124.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/361603016121467666d32ce705c22.84660816.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.20/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74d2e71410208136224597ec0ac66a8da954a4fd5e3c917c019138543d7c2910

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 344
last-modified: Sat, 15 Jun 2024 06:21:46 GMT
server: AmazonS3
etag: "31c402d6c2b3c6fd874005d2d4d4c965"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Pj-11jJwqJ2gOY6h2SQ03RchybwhffKLtj6NO3FR_71RqaFBLuMf8A==

GET
H2 200 vendors~csw-vendor-dompurify.5.4.24.js Show response
cdn.civicscience.com/jspoll/5/ 21 KB
9 KB 70ms
67ms Script
application/javascript 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/vendors~csw-vendor-dompurify.5.4.24.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51c9fc7ef34c60d15389d98b967671d15181fa3c51ed6b77ef0627496c6c888b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 11:29:01 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 56970
etag: W/"c03297fb8b2e42551ef7af8febfc4738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sSxbBMgHy2TTFLyBW7sKL4arHTR3JvF97uKxv2mop6oOduD0OHWZDA==

GET
H2 200 csw-vendor-webfontloader.5.4.24.js Show response
cdn.civicscience.com/jspoll/5/ 12 KB
5 KB 73ms
70ms Script
application/javascript 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw-vendor-webfontloader.5.4.24.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89c4038259888710b2b7e60f247c9b86b439abb62afdec1e10d240c17bed351f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:47 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 45645
etag: W/"e45cb72813e5e31e08a5626cfa1b6109"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OCtzqeoE5J0SoO9ayHKfNyRt8o0g5ockOr4lXdk6KimXXFHImORYjA==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 209E 56 KB
11 KB 41ms
40ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=454&sync=1&url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 13
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8947a7300e56dac9-MIA
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Fri, 21 Jun 2024 03:18:31 GMT

GET
H2 200 454 Show response
p.ad.gt/api/v1/p/ Frame 209E 53 KB
18 KB 139ms
44ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/454
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68eab682fbe6990ca734c80baf13de79bd0156687ef72ab808b9ade11cde7133

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 03:17:20 GMT
server: cloudflare
age: 57
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8947a730a9192275-MIA

GET
H2

200

match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=1447797381590436190&gdpr=0

43 B
143 B

112ms
112ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=1447797381590436190&gdpr=0
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:32 GMT
an-x-request-uuid: 0b22b2ff-36a9-4cbe-b87b-332a2e00c5ad
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&adnxs_id=1447797381590436190&gdpr=0
x-proxy-origin: 38.132.118.76; 38.132.118.76; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001718507912-ZSL7TGKF-2QIV&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=73ded3fb-f278-44ca-b585-e3ed7a583ed1&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

43 B
143 B

114ms
111ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=73ded3fb-f278-44ca-b585-e3ed7a583ed1&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=73ded3fb-f278-44ca-b585-e3ed7a583ed1&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
date: Sun, 16 Jun 2024 03:18:31 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV
https://ids.ad.gt/api/v1/pbm_match?pbm=B189D484-52ED-4153-9C61-F2C13B189207&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

43 B
143 B

115ms
111ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=B189D484-52ED-4153-9C61-F2C13B189207&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=B189D484-52ED-4153-9C61-F2C13B189207&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
date: Sun, 16 Jun 2024 03:18:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 209E 0
695 B 246ms
59ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001718507912-ZSL7TGKF-2QIV&gdpr=0
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001718507912...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001718...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=762d2973-37f1-4ba8-a3a8-936295cb82a7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=73ded3fb-f278-44ca-b585-e3ed7a583ed1&ttd_puid=762d2973-37f1-4ba8-a3a8-936295cb82a7%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&tapad_id=762d2973-37f1-4ba8-a3a8-936295cb82a7

43 B
143 B

111ms
111ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&tapad_id=762d2973-37f1-4ba8-a3a8-936295cb82a7
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 16 Jun 2024 03:18:32 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&tapad_id=762d2973-37f1-4ba8-a3a8-936295cb82a7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&google_gid=CAESEOrecNrDJveWXW9I8l2vZU8&google_cver=1&google_ula=450542624,0

43 B
143 B

114ms
112ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&google_gid=CAESEOrecNrDJveWXW9I8l2vZU8&google_cver=1&google_ula=450542624,0
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&google_gid=CAESEOrecNrDJveWXW9I8l2vZU8&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 209E
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxODUwNzkxMi1aU0w3VEdLRi0yUUlW

170 B
243 B

81ms
79ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxODUwNzkxMi1aU0w3VEdLRi0yUUlW

Requested by

Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxODUwNzkxMi1aU0w3VEdLRi0yUUlW
date: Sun, 16 Jun 2024 03:18:31 GMT
server: nginx/1.24.0
content-length: 453
content-type: text/html; charset=utf-8

GET
H2 204 0
sync.1rx.io/usersync/audigent/ Frame 209E 0
99 B 182ms
56ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26unruly_id%3D%5BRX_UUID%5D
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:21 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 209E
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV%26sas_uid%3D%5bsas_uid%5d&gdpr=0
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&sas_uid=[sas_uid]&gdpr=0&cklb=1

0
316 B

58ms
56ms

Image
text/plain

23.105.14.106
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: HTTP/1.1
Server: 23.105.14.106 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: 23.105.14.106.rdns.racklot.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001718507912-ZSL7TGKF-2QIV&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 16 Jun 2024 03:18:31 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

amo_match
ids.ad.gt/api/v1/ Frame 209E
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001718507912-ZSL7TGKF-2QIV
https://ids.ad.gt/api/v1/amo_match?turn_id=3826354025297189963&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV

43 B
143 B

114ms
110ms

Image
image/gif

52.32.228.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=3826354025297189963&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Server: 52.32.228.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-228-149.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=3826354025297189963&id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
pragma: no-cache
date: Sun, 16 Jun 2024 03:18:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

OPTIONS
H2 200 default
ckxj10om5j.execute-api.us-east-2.amazonaws.com/ Frame 0
0 207ms
68ms Preflight
application/json 3.23.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckxj10om5j.execute-api.us-east-2.amazonaws.com/default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.7.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-7-186.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 16 Jun 2024 03:18:32 GMT
x-amz-apigw-id: ZcLtWEGDiYcEsUw=
x-amzn-requestid: 1145f1b6-a19e-4ca2-834f-013e99215281

POST
H2 200 default Show response
ckxj10om5j.execute-api.us-east-2.amazonaws.com/ 111 B
352 B 208ms
208ms Fetch
application/json 3.23.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckxj10om5j.execute-api.us-east-2.amazonaws.com/default
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.7.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-7-186.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c3c307a8c03a16d52e8cdd2343f2c4a02656c3f8b8ffa807ef6ceffe101efab1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
x-api-key: SmvblRLZ4o7gGFY2eC0sD9oh8IFPHY1L4OUMxlBa
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 03:18:32 GMT
x-amzn-trace-id: Root=1-666e5988-3910a8da3a6c732a6073c2d9;Parent=02811a9180dd18f1;Sampled=0;lineage=e1033135:0
x-amzn-requestid: e6c4712f-4da3-4367-b2b6-ff763fedd27f
content-length: 111
x-amz-apigw-id: ZcLtWFPaCYcENDw=
content-type: application/json

GET
H2 200 csw-game.5.4.24.js Show response
cdn.civicscience.com/jspoll/5/ 13 KB
4 KB 63ms
62ms Script
application/javascript 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/csw-game.5.4.24.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b18cf2092cb8889551509e9e71a615cfae40f24371903465fa8d8415658a36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:47 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 45646
etag: W/"d54f8da458754f929f1bf78524a79d20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xFjh3er8ZXOBfMfHwHzxZowTZ_2riqxqXRSxe32QBuPytbYwREgBiQ==

GET
H2 200 cs-logo.svg
cdn.civicscience.com/jspoll/5/images/ Frame B0BB 2 KB
1 KB 62ms
61ms Image
image/svg+xml 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.civicscience.com/jspoll/5/images/cs-logo.svg
Requested by: Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d22ff2db56f5753470cd48729c733aa38ef15705c62f028812cdd3c51e640a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 14:37:44 GMT
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 53024
etag: W/"6b65cdc801f5a66588042f09b2e1049e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: foUEktWh9egI2fXdRJDAKyZ3qG-ANQFrzQKqYHuDKLKYl-6vNH988w==

GET
H2 200 csw-icon.ttf
cdn.civicscience.com/jspoll/5/fonts/ Frame B0BB 4 KB
4 KB 105ms
104ms Font
binary/octet-stream 2600:9000:26fa:200:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.civicscience.com/jspoll/5/fonts/csw-icon.ttf
Requested by: Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec0be09c5b8d31be403c97c680a10da03894d9f27b25245b5860aec33f37bffa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.civicscience.com/jspoll/5/csw.5.4.24.css?pv=5.4.24
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:33 GMT
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 14:36:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
etag: "13b70bcdffafaf9050354470fd5e3081"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
content-length: 3680
x-amz-cf-id: EqKFtmdtg-2ev-T5i8eJ2jVgtMYfQhwkj8Vv7c0CfVWqZJW07zrQYw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 209E 52 KB
0 200ms
60ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 01:51:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 03:51:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 209E 251 KB
89 KB 75ms
75ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

04ca6fe37a53dd62d17faf5e22b0882cc77e686925a4a97ff98f0418915cdd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 03:18:32 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ Frame 209E 0
169 B 198ms
132ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
date: Sun, 16 Jun 2024 03:18:32 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8947a733dc3d4c04-MIA
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ Frame 209E 0
88 B 219ms
126ms Script
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=2717dbcf48e3b82214c69995d73c1d59&url=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8947a7340e950302-MIA

GET
H2 200 segments Show response
seg.ad.gt/api/v1/ Frame 209E 16 B
220 B 233ms
139ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%252F&partner_id=454&tagger_id=2717dbcf48e3b82214c69995d73c1d59&au_id=AU1D-0100-001718507912-ZSL7TGKF-2QIV
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
access-control-allow-credentials: true
cf-ray: 8947a734095f67c8-MIA
content-length: 16

GET
H2 200 css
fonts.googleapis.com/ Frame B0BB 11 KB
2 KB 82ms
80ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-vendor-webfontloader.5.4.24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 03:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 02:55:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 03:18:32 GMT

GET
H2 200 jot
www.civicscience.com/ 0
0 59ms
58ms Fetch
text/plain 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1799450380.2391080898&n=4&s=poll&t=served&d=%7B%22target%22%3A697%2C%22natures%22%3A%5B%22question-reporting-enabled%22%2C%22compliance-first%22%5D%2C%22instance%22%3A%224975cdfb-f5d1-3674-a102-b0dfe3b22e02%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A18%2C%22askable%22%3A%22153417%22%2C%22usage%22%3A%22engagement%22%2C%22position%22%3A0%2C%22questions%22%3A%5B%22153417%22%5D%2C%22comp%22%3Afalse%2C%22session%22%3A%221b74de80-2b8f-11ef-95e1-27596e678e72%22%2C%22alias%22%3A%22cookie%2Ff6e435b6cc43e913c4b42ab7512c0d6a%22%2C%22locale%22%3A%22en%22%2C%22rec%22%3Afalse%7D
Requested by: Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 questions Show response
www.civicscience.com/widget/api/2/ 2 KB
1 KB 605ms
605ms Script
text/javascript 54.83.235.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/questions?target=697&instance=4975cdfb-f5d1-3674-a102-b0dfe3b22e02&context=%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com&mv=5&_=1718507912222&idx=1&backupAlias=local%2F3987217005.2568836703&alias=cookie%2Ff6e435b6cc43e913c4b42ab7512c0d6a&template=EVPP&session=1b74de80-2b8f-11ef-95e1-27596e678e72&x%5B%5D=153417&callback=jsonp_1718507912222_28382
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.235.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-235-193.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 6b8ae2109eff1f2f1fc60fcf5e5e3fc1c9056bd25378363e7a93e673b851dc76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:32 GMT
content-encoding: gzip
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B0BB 47 KB
47 KB 66ms
59ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:27:15 GMT
x-content-type-options: nosniff
age: 334277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 06:27:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B0BB 47 KB
0 69ms
69ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:27:15 GMT
x-content-type-options: nosniff
age: 334277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 06:27:15 GMT

GET
H2 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 70ms
66ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=924&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AOAVgAZCBOfAJmvM2AC8QoA2CizAdwFMARjlTB+AfVQATKAGZZjTACd+OEABs4aDAS4UAHvW7L+MfkpVKo2AIbr1qBAHNxcJeqgALYMAAOOAFJZAEEAugAxMPCAW1QLECUAWhxgGyQAawA6QWiARzAkJ14WXylMuBxE-hsUxLpM-nUatCRBaoQUuyykEGiozAA3VBFgcR6QdNR+KADCACEwunVfRaDQujpvP0C6MhCwsgiDiNj4pM6M7LyCopKyiqrmuoamlNRW9s71bt7jyI2wgBhRZKVb7AEQ4EbYbiJwgcQ4VQiDBg4IwOyIoGLGFOXwIpHoBCo9HqTGEAAi2BAEymM3miyk0lRi1khAALBw6LJ8GySMRZBR8BQOGQaKs6FC6EMpKiiKRKDR8ErZGyKJQsRsYANgLLiOQqLR8Bq6DYQKiKMblsyNlt-AdwYd-o7TkoEslUpccvlCsVSuVKtVavVGs13m0bB1Ut9Mj0+rsjpDFjVzcaBr4BrLjTKAeC6Nm6MbQTn1gXExskNrdfKDUrjSJ82sjRLFk4kEWCyFqNRjXGO8ELc2NupK8W5frFUaKYMbEocABtKQwPFKQTqEAZAC6UAQIFGKhsUgAntPZ3Ppfx4UMRKv+FuSYiT-Pz-DfE1D44nHeMfwqTSJKB4SaJQnGme8f0EXwoB4fg-CgOcN0wXxgDwKlolfVAIyQCQYCaJxrEXXx4M4OhSDZPY2WoQhMAIoiuDZQgNhIWQSHwailyI8gSA4Siu1Ymitw4QhWSVMheVkNjCIEoTOTIfABTICSiLISiuVVQ1FKk2QZLVOgSA0zgKHojZiGoDh9ME1leXwSg9IGTwbCgxDpQIZR1GAQ9fGmAjxBXNcMlchAbGiaYBhnDCbyAA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 149990dc0dacfa08c0c8c730471004154fac9ebd09c1eae0513ae71d0050b347

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:33 GMT
content-encoding: gzip
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified: Sun, 16 Jun 2024 03:18:33 GMT
via: 1.1 google
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
106 B 63ms
61ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHmAGbIA+sAYQ4Aa149WAZgCCMrBBKiQsAJ4zeAYRkU0MEBGGGcaBiB2KZAqGBzW+eg0ZPDkYKJrRYMNkp89o7OsuwAIgBkoJCwCCjo2PhYSCDMVDT0jDHg0PBIqJi4eCSayOmCImKQUlGIEMbMAAxRAO4gdBYkIEbMcnIAnAAcUeZoJH0AjOxTwwCszeyDU6tyACzNi1HGhnC9MP3s6wBsPHJT68Ozcs1TzSfzy1GoGCCGIG3TUU4AjoQgLD7Po8KJwMBoQEkSaIJgkQrMGZzRbLKY8EYnMEQqFQZBoCggYAWCBYZjwjByHbvND7ZgwKIkAAWaGAME81DKwlIEGAUDewhgaBw2RAhxCTgZAC8IMwTs1WjgIIRgLSOnQonyocxiISgA
Requested by: Host: mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:33 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

OPTIONS
H/1.1 204
No Content /
mesearch.ai/api/dev/content/v2/ Frame 0
0 854ms
666ms Preflight 208.70.69.156
ASCENT-DATA-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://mesearch.ai/api/dev/content/v2/?userId=2442928730&ugc=false&contentAge=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 208.70.69.156 Coal Center, United States, ASN21858 (ASCENT-DATA-LLC, US),
Reverse DNS: cdn.mesearch.ai
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Sun, 16 Jun 2024 03:18:33 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 141ms
141ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

0c1e7fbf43c79f2e725fa588b6160a948fe6d1b7516963331ea36110a1a0cbc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12573
x-xss-protection: 0

POST
H2 200 default Show response
ckxj10om5j.execute-api.us-east-2.amazonaws.com/ 111 B
354 B 176ms
176ms Fetch
application/json 3.23.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckxj10om5j.execute-api.us-east-2.amazonaws.com/default
Requested by: Host: search-module.s3.us-east-2.amazonaws.com
URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/mesearch-trib3-min.js?ver=2024-06-15pm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.7.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-7-186.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c3c307a8c03a16d52e8cdd2343f2c4a02656c3f8b8ffa807ef6ceffe101efab1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
x-api-key: SmvblRLZ4o7gGFY2eC0sD9oh8IFPHY1L4OUMxlBa
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 03:18:33 GMT
x-amzn-trace-id: Root=1-666e5989-75a8e80c6356d011723a940a;Parent=3cb3d81f6f2a1f35;Sampled=0;lineage=e1033135:0
x-amzn-requestid: c56f98b2-03b0-4279-ae00-3219808c07f3
content-length: 111
x-amz-apigw-id: ZcLtfHaFiYcECDA=
content-type: application/json

GET
H/1.1 200
OK / Show response
mesearch.ai/api/dev/content/v2/ 90 KB
91 KB 353ms
352ms Fetch
application/json 208.70.69.156
ASCENT-DATA-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://mesearch.ai/api/dev/content/v2/?userId=2442928730&ugc=false&contentAge=14
Requested by: Host: search-module.s3.us-east-2.amazonaws.com
URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/mesearch-trib3-min.js?ver=2024-06-15pm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 208.70.69.156 Coal Center, United States, ASN21858 (ASCENT-DATA-LLC, US),
Reverse DNS: cdn.mesearch.ai
Software: / Express
Resource Hash: 4b65d30a7e743efda6ce132d7a02b5c731ed2d884fd838bea3dc048e8d1f0166

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWJPd25lcklkIjoiNWU5ZjJmNWE2NGIwMzc1M2ZkMjU0YmE0IiwicmVmZXJyZXJzIjpbInRyaWJoc3NuLnRyaWJsaXZlLmNvbSIsInRyaWJsaXZlLmNvbSIsIndpZGdldHMubmVpZ2hib3Job29kbmV3c25ldHdvcmsuY29tIiwibWVzZWFyY2gtZGV2LXdpZGdldHMudXMtZWFzdC0xLmVsYXN0aWNiZWFuc3RhbGsuY29tIiwiZmVlZHMubmVpZ2hib3Job29kbmV3c25ldHdvcmsuY29tIiwibG9jYWxob3N0Il0sImlhdCI6MTYwMjY5Nzk1N30.QyMBk6k44UOal2BlOfCtyNDaZPrjeD3MkuTTvfsyNew
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
x-powered-by: Express
etag: W/"16856-Ey38XZKvUWyESQDmcEuvvWQZ+qs"
x-ratelimit-remaining: 139
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1718507954
x-ratelimit-limit: 150
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 92246

GET
H2 200 up
insight.adsrvr.org/track/ Frame EEC7 0
0 64ms
63ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&upid=f0zoguk&upv=1.1.0
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 16 Jun 2024 03:18:33 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 03:18:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 627C 0
0 186ms
60ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 22761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 20:59:12 GMT
expires: Sun, 15 Jun 2025 20:59:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 0195 0
0 195ms
79ms Document
text/html 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DoW7-tNCShTQhiHLD1orjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DoW7-tNCShTQhiHLD1orjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 03:18:33 GMT
expires: Sun, 16 Jun 2024 03:18:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/ 34 KB
34 KB 70ms
69ms Other
image/vnd.microsoft.icon 3.130.242.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/wp-content/themes/TribLIVE2/assets/visuals/images/icons/head/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.242.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-242-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 8ac677c8305c63efea4d8ec6b03cc018291e445a8d08a91dd004157614a54e72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:33 GMT
last-modified: Thu, 13 Jun 2024 19:39:28 GMT
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
accept-ranges: bytes
etag: "86be-61acaa8349c00"
content-length: 34494
content-type: image/vnd.microsoft.icon

GET
H3 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
954 B 79ms
79ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=919&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AOAVgAZCBOfAZmvM2AC8QoA2CizAdwFMARjlTB+AfVQATKHQYlMAJ344QAGzhoMBLhQAe+AEzcl-GP0XLFUbAEM1a1AgDm4uIrVQAFsGAAHHABSOgBBQMMAMXCIgFtUSxBFAFocYFskAGsAOkEYgEcwJGdeFj8pLLgcJP5bVKTDLP41WrQkQRqEVPtspBAY6MwAN1QRYHFekAzUfihAwgAhcMM1PyXgsMNDH38gwzJQ8LJIw8i4hOSuzJz8wuLS8srqlvrG5tTUNo6utR6+k6jNuEAMJLRRrA6AyEgzYjcTOEDiHAqEQYcEhGD2JHApaw5x+RHI9AINEYtRYwgAEWwIEm01mCyWUmkaKWdEIABYOIY6Ph2SRiHQKPgKBwyDQ1oZoYZhlI0URSJQaPhlXR2RRKNjNjBBsA5cRyFRaPhNYZbCA0RQTSsWZttgFDhCjgCnWdFIkUmkrrkCkUSmUKlUanUGk0Wh92rZOmkfllev09scoUtahaTYM-IM5SbZYCIYYc4YTWDcxtC0nNkgdXqFYblSaRAX1mWpc4kMXC6FqNQTfGOyFLZKlmoqyX5QalcbKUNbIocABtKQwfGKQRqECZAC6UBwfgwqkU09nc5l-ARwxEq-4W9JSMP85PCL8zQAnk5nNfMfxqbSJKAEc1FGcGYby-QQ-CgHh+H8KA5w3TA-GAPBqRiJ9UEjJAJBgZpnBsRc-FgzhDFIdl9nZahCEwPCCK4dlCE2Eg6BIfBKKXAjyBIDhyK7ZiqK3DhCDZZUyD5OgWPwviBK5Mh6HVMSCLIcjuTVI05IkugpPVQwFF4zgKFozZiGoDhVM4ASOSYygFEGLxbAg+CZQIJQ1GAZ8-BmPDxBXNdMichBbBiGZBhnNDLyAA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/triblive/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: cda4c3cec914a41bdd1767524e425e13c5e071aba0d66fe00e52f88f1fb9a595

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:34 GMT
content-encoding: gzip
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 google
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 21
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
61 B 56ms
56ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHmAGbIA+sAYQ4Aa149WAZgCCMnMgi4IwGbwDCMimhggIw-TjQMQWxTIFQwOS3x16DR4cjBQAnmiwYrSny29o6y7AAiAGSgkLAIKOjY+FhIIMxUNPSM0eDQ8EiomLh4JF7IaYIiYpBSkYgQhswADJEA7iB0ZiQgBsxycgCcAByRpmgkvQCM7JNDAKxN7AOTK3IALE0LkYb6cD0wfexrAGw8cpNrQzNyTZNNx3NLkagYIPogrVORDgCOhCBYPa9OSROBgNAAkgTRBMEgFZjTWYLJaTQZDY6g8GQqDINAUEDAMxqZhwjAgnZoPbMGCREgACzQwBg7mopWEpA0UFewhgaBwWRAB2CDlpAC8IMxjk0WjgIIRgFT2nRIlzIcxiASgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:34 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 45ms
44ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LDVDC9JYS4&gtm=45je46c0v878928073za200zb810558189&_p=1718507907879&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=823291055.1718507908&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1718507909&sct=1&seg=0&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&dt=Home%20%7C%20TribLIVE.com&_s=2&tfd=7380&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDVDC9JYS4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 7446570_web1_Juneteenth.jpg
assets-varnish.triblive.com/2024/06/ 73 KB
73 KB 51ms
49ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7446570_web1_Juneteenth.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e7151b64aee75032616c2d4855c56eb04f0ec30533e04e8acc76574e68e444

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 6e537dafed9dc31778bf65918c7ef864.cloudfront.net (CloudFront)
x-amz-version-id: 5gfy856L2KC1JAIwE1_IjAC1lf3_3X2S
cf-cache-status: HIT
age: 16755
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=78838
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74772
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 22:13:11 GMT
server: cloudflare
etag: "d2aa3a6ae97ce23d6edc8c82c6901329"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a741dfa28da2-MIA
x-amz-cf-id: WLBBO3ejW9O8giAEp6d45SWFo1MEHKIudYwMPd-J9lNcEM3_VidV1Q==

GET
H2 200 7448709_web1_7448709-f868998886ab4b8d9d8da39bb4beb5d7.jpg
assets-varnish.triblive.com/2024/06/ 55 KB
55 KB 44ms
42ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448709_web1_7448709-f868998886ab4b8d9d8da39bb4beb5d7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e377e0a5e412ca19d5e199c5068b4affa6933e3a59d37b403361b43de292e524

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 96ef33fafb355df015bb2b6c144dad20.cloudfront.net (CloudFront)
x-amz-version-id: HEwi8JO.xxqAzdl1v74OqX.zmDDbONy2
cf-cache-status: HIT
age: 15409
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=58754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56086
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jun 2024 22:56:40 GMT
server: cloudflare
etag: "7ab52933a7943be1b5814eff7090e5f1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a741dfa38da2-MIA
x-amz-cf-id: AGQgTkvJFCDd-oYu4oRbNTFjDJ7y8ToSpk5JQSrPv255ulZGGbrw0w==

GET
H2 200 7449181_web1_ptr-BucsCatchers02-042724.jpg
assets-varnish.triblive.com/2024/06/ 47 KB
48 KB 46ms
44ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7449181_web1_ptr-BucsCatchers02-042724.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f34d12f2b55d9c9aae41b6bb721a4e4f6f594aa841511973c4ce74062fb87b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 6244b0c96d0f84618b18e0eae633c140.cloudfront.net (CloudFront)
x-amz-version-id: 3kbi3kFJR2pV3G9Vwe4.1jCfMQge_fLt
cf-cache-status: HIT
age: 5256
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=49785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 48443
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 01:47:49 GMT
server: cloudflare
etag: "ada98ef444417c787d1804b0e14d02f6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a741dfa48da2-MIA
x-amz-cf-id: kQmADzt2wAXx3wWZdG_zvMG9KTnB0-k_btE7EE3qakKDAw_CDD2UmA==

GET
H2 200 7448743_web1_vnd-AvomoreFire-061624.jpg
assets-varnish.triblive.com/2024/06/ 53 KB
53 KB 49ms
47ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7448743_web1_vnd-AvomoreFire-061624.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719ca11117c3b80c55790506cfdae167cb9da854d09d553dde105bf809d73a90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 a3d81350f207075a8a67e8d7ae50f6de.cloudfront.net (CloudFront)
x-amz-version-id: lf953wS5zXKpLZsTxC25e71kn_aygPGa
cf-cache-status: HIT
age: 10774
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=55628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 53884
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 00:13:51 GMT
server: cloudflare
etag: "da338295f92ee5416164aac0a3462f29"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a741dfa68da2-MIA
x-amz-cf-id: x1SYQRAB3YoDEAK7HmLMnhWPflEFwdoVJ1NDEhSOJVrVdRWJrHPVtg==

GET
H2 200 7447655_web1_ptr-Hounds-061624.jpg
assets-varnish.triblive.com/2024/06/ 55 KB
55 KB 47ms
46ms Image
image/jpeg 2606:4700:10::6816:a40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-varnish.triblive.com/2024/06/7447655_web1_ptr-Hounds-061624.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd4a76cd6669fe6405b7dda001e91caff4010216146f1c38860b703a4ac6e1f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 03:18:34 GMT
via: 1.1 873ea86a53e828bcd9ffd511bda586c8.cloudfront.net (CloudFront)
x-amz-version-id: _GP06.s5nM.MiCrJBVP56LRZyJl7BDm3
cf-cache-status: HIT
age: 1869
x-amz-cf-pop: MIA3-P8
cf-polished: origSize=58854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56099
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 02:30:58 GMT
server: cloudflare
etag: "2be8ddf6a8d557bb3dea2ebe8df773e6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8947a741dfa88da2-MIA
x-amz-cf-id: PicM2F9nGX0Q16JdHeYhTVFNJo2W2-2rNlX2bTZnqWy1aZZ-81p2RQ==

GET
H/1.1 200
OK mesearch-powered-by.png
search-module.s3.us-east-2.amazonaws.com/mesearch/images/logos/ 5 KB
6 KB 83ms
82ms Image
image/png 3.5.132.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search-module.s3.us-east-2.amazonaws.com/mesearch/images/logos/mesearch-powered-by.png
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.132.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c90a7c747e1f51fb34ca6edce323e84ff7f438e03ee90133a7e001676af3ed42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 03:18:35 GMT
x-amz-version-id: y_v9QcpaBhOacWfvj03zsUpH3kweL9Zt
Last-Modified: Wed, 18 Nov 2020 12:57:55 GMT
Server: AmazonS3
x-amz-request-id: WVGTCQ95JDM03YPG
ETag: "3f37f6b18f1fb182fbb29df26f99d03c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5212
x-amz-id-2: vB9MtChK2NFD78WnC5vPjF1qxqQniyjYtAOu/YkjOyDKwFui6Psr5eR0525zgCLTnaRUg3xz9PVqnZR6WHxflw==

POST
H2 200 default Show response
ckxj10om5j.execute-api.us-east-2.amazonaws.com/ 111 B
354 B 207ms
206ms Fetch
application/json 3.23.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckxj10om5j.execute-api.us-east-2.amazonaws.com/default
Requested by: Host: search-module.s3.us-east-2.amazonaws.com
URL: https://search-module.s3.us-east-2.amazonaws.com/pubs/trib/triblive_qwerty.js?20240615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.7.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-7-186.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c3c307a8c03a16d52e8cdd2343f2c4a02656c3f8b8ffa807ef6ceffe101efab1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
x-api-key: SmvblRLZ4o7gGFY2eC0sD9oh8IFPHY1L4OUMxlBa
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 03:18:35 GMT
x-amzn-trace-id: Root=1-666e598b-67d719ae170f735959d063b4;Parent=4a370b5a249320cd;Sampled=0;lineage=e1033135:0
x-amzn-requestid: 7da4f6df-1e37-436a-95e2-413eef36023c
content-length: 111
x-amz-apigw-id: ZcLt1HWyCYcErtg=
content-type: application/json

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 75ms
74ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je46c0v873737409z8857454493za200zb857454493&_p=1718507907879&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=823291055.1718507908&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&sid=1718507911&sct=1&seg=1&dl=https%3A%2F%2Fmirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com%2F&dt=Home%20%7C%20TribLIVE.com&_s=2&tfd=9333&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 03:18:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.sided.co
URL: https://cdn.sided.co/embed-assets/embed/updateSession

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406110101&jk=765713998858300&bg=!5Oel56jNAAb64txl2uI7ADQBe5WfOJ3NLL9Vedym7HbwjZp7IqK9ZTG7aDUYxQP8HD0lcXk_FFpBV8Ez-7gV6iLdZ7qRAgAAAGxSAAAABWgBB34ANSMihinRCAhRxeMHXcD5x0A69kVXKK7gdP09aKP3d8umtIK5TYJJbPCfIotbKKuM5BfJwpAimQK3CZ-pLzs6y1O36J_VRYagbS41WCksptlYVintgkwXvE4R6vtnjXXKMcAd-nkPAm_9GEiq-140oRD4l2DwpSSPAtXWMWJ9aOyEbL9mneng7y8gSmyShSDq4G4GSTao0zjc7sX6hZ2YEeAc4nhJ3js1abYr6QQ0Prne_YEo7NJTJKbFU8mSRCv3Huv0_CJoeHU7AEQUOGYcSMcfPBB5TvnCy5C3Uv44VNCuMROrAQo97ob0Ujm2cvgH89j9IvkzRDWkKttDQmd3FGbbmXbw42ABN4eB7Z41yJUvRGloJG79R_1YdAZUB-u5fJbF1rEmWsF_gGcOLpI716STR-cGhou6r0EtXLF5nApSDRUEv0VXweL-U5DqoLb4bdnO9HNGNYYMOI5N2pJtW9TU9ZfyQgj7SgjfZVwFoAB8wNCB5V8Mlmui8HBJReiu19q56s_4M6-qSxIdfREoFjzT9q9rMuiZrjur_UljAyCgvNelnNcQwO9_oxv_ZtOkvUHLT9crM_hvhoYMHNq9UjQOozqdYIfapWZeUERkzEbSHIJBpL_ZKN7l06p2a7Kla7WQEjZ2GrFGFYZYJcOUzXCjPAEfkO6F1uoUvCHvAyrXkhmsEtB3gTfOCZHDCwyFdPU2tj2seKyMflkX7L3FnzM4pbfczuMgcS3t_54E01U_p47MYVURZHQhDZi5AHoec2XpHtvQ6Pbxfu0RbjtPwKBQTubYSz-ywMMjxQPQirc5oTxaoNOLeBuxTiJT81_Em4A7OHSZe7sq6oWS3xDJvUJmVn-sr6xImaB-4ABIybq09FHSNYMG-igIuCjNmOwEEIXc_y_SmoghRQH0d9C5VsXfq--srCFVP50hUylG4u5OtH0RK8mWU-EPVYlM2xArf4rPA6W95UfNEPTIX59pEjFx6aoeciwcS1ffXLnviPM

Verdicts & Comments Add Verdict or Comment

436 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

177 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-21 06:08:50	Name: suid Value: 43BA71C49F7B478BB7FCC204F83BCEEA
cdn.firstimpression.io/	1970-01-21 06:07:23	Name: OAID Value: 7ac11fba53394948ab29cda4277b7865
.doubleclick.net/	1970-01-21 06:57:47	Name: IDE Value: AHWqTUl7MDdTmlnC6byXU9T41-MM3uQ67dGpDhaepZQpOc-gU8P0oqmCw9dxup77ACI
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:57:47	Name: _ga_LDVDC9JYS4 Value: GS1.1.1718507909.1.0.1718507909.60.0.0
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 21:23:14	Name: _gid Value: GA1.4.1990951235.1718507909
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 21:21:47	Name: _dc_gtm_UA-32912589-1 Value: 1
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 23:31:23	Name: _fbp Value: fb.3.1718507909603.618430016727651186
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:50:35	Name: _cb Value: CbKmSgDKB_E7BjfibH
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:50:35	Name: _chartbeat2 Value: .1718507909775.1718507909775.1.CTZH1ZBXUbIMC0nIgBC3GuK_CNaXN9.1
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 21:21:49	Name: _cb_svref Value: external
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 21:21:49	Name: _sp_ses.bb5f Value: *
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:57:47	Name: _sp_id.bb5f Value: 0d36d84d-c19b-4039-b88f-bd44bc82da85.1718507910.1.1718507910..a9b1128b-536d-4992-b3be-99416463b140....0
.civicscience.com/	1970-01-21 06:57:47	Name: ballotbox/respondent_id Value: cookie%2Ff6e435b6cc43e913c4b42ab7512c0d6a
.civicscience.com/	1970-01-21 06:57:47	Name: ballotbox_ss Value: 1
.adsrvr.org/	1970-01-21 06:07:23	Name: TDID Value: 73ded3fb-f278-44ca-b585-e3ed7a583ed1
.rkdms.com/	1970-01-21 06:07:23	Name: sessionid Value: h-638c684706944ff58af2b5080d78d7fc_t-1718507910
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:57:47	Name: _ga_12M2XZC8V4 Value: GS1.1.1718507911.1.1.1718507911.0.0.0
.bounceexchange.com/	1970-01-20 21:21:49	Name: bounceClientVisit3398c Value: %7B%22vid%22%3A1718507911134050%2C%22did%22%3A%223746231487130106579%22%7D
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-20 21:21:49	Name: bounceClientVisit3398v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgLYCWATuQPbkC0KCAhgMYDWAdAEbECOAVswDmAdwBeEACbsAriloBTRg1q528sEoSlmnRQDsGjMB2ZViREABoQ5GCCshSKAPqCqzlPJQpSVPTAAzI09rJ1cIDy8fP0Dg+QBfIA
.33across.com/	1970-01-21 06:07:23	Name: check Value: true
.casalemedia.com/	1970-01-21 06:07:23	Name: CMID Value: Zm5Zh9HM76AAAC.pAKk4AgAA
.casalemedia.com/	1970-01-20 23:31:23	Name: CMPS Value: 1470
.casalemedia.com/	1970-01-20 23:31:23	Name: CMPRO Value: 1470
.pubmatic.com/	1970-01-21 06:07:23	Name: KADUSERCOOKIE Value: B189D484-52ED-4153-9C61-F2C13B189207
.adgrx.com/	1970-01-21 06:50:35	Name: ADGRX_UID Value: 1bc1e97e-2b8f-11ef-adbd-315b3a19b370
.3lift.com/	1970-01-20 23:31:23	Name: tluidp Value: 2579063220431464997191
.3lift.com/	1970-01-20 23:31:23	Name: tluid Value: 2579063220431464997191
.tapad.com/	1970-01-20 22:48:11	Name: TapAd_TS Value: 1718507911791
.tapad.com/	1970-01-20 22:48:11	Name: TapAd_DID Value: 762d2973-37f1-4ba8-a3a8-936295cb82a7
.zemanta.com/	1970-01-21 06:07:23	Name: zuid Value: WEpMlmOOBQy-AqvZxzFu
.deepintent.com/	1970-01-21 06:57:47	Name: CDIUSER Value: di_0b45420f031f440fab863
.deepintent.com/	1970-01-21 06:57:47	Name: CDIPARTNERS Value: %7B%221%22%3A%2220240616%22%7D
.adnxs.com/	1970-01-21 06:57:47	Name: receive-cookie-deprecation Value: 1
.bidswitch.net/	1970-01-21 06:07:23	Name: tuuid Value: 8c7fc10e-0b17-4194-ac7c-0a23aebdbcc7
.bidswitch.net/	1970-01-21 06:07:23	Name: c Value: 1718507911
.bidswitch.net/	1970-01-21 06:07:23	Name: tuuid_lu Value: 1718507911
.quantserve.com/	1970-01-20 23:31:23	Name: d Value: EOEBCwGNLPijAA
.quantserve.com/	1970-01-21 06:52:02	Name: mc Value: 666e5987-cac7f-bd8a3-19b97
.adgrx.com/	1970-01-20 21:23:14	Name: ADGRX_CM_CASALE_BRIDGED Value: 1
.adgrx.com/	1970-01-20 21:23:14	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.turn.com/	1970-01-21 01:40:59	Name: uid Value: 3826354025297189963
.adnxs.com/	1970-01-20 23:31:23	Name: XANDR_PANID Value: c3dSB8xdLmT2sVGcSlqDo32QdmolWlFPA6wmEWJsqLsS1wSRUIScw2YmEVuap0L5LLiGxDRAvlg8sQs3c_AeQOpX6upxIV-LXXumZlz0FaE.
.adnxs.com/	1970-01-20 23:31:23	Name: uuid2 Value: 1447797381590436190
.resetdigital.co/	1970-01-20 23:31:23	Name: ckbk Value: 00000147885F6843
.amazon-adsystem.com/	1970-01-21 06:57:47	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-21 02:08:21	Name: ad-id Value: A5q3FVu-t0Rcvx2EO2hrZQA
.w55c.net/	1970-01-20 22:04:59	Name: matchpubmatic Value: 5
sync.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id Value: s%3A0-bf67abce-3985-5954-560c-189be07a7763.p2yv8UMMmA2vO8vremtkLfM%2F0jtX9e3iPx8FW00JOIA
.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id Value: s%3A0-bf67abce-3985-5954-560c-189be07a7763.p2yv8UMMmA2vO8vremtkLfM%2F0jtX9e3iPx8FW00JOIA
sync.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id-v2 Value: s%3Av2erzjmFWVRWDBib4Hp3YyaEdkw.6r5kTrMxNvLnMuLx6Fc24SRQ8aL%2BGGQa5kCDJk1qZ%2BM
.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id-v2 Value: s%3Av2erzjmFWVRWDBib4Hp3YyaEdkw.6r5kTrMxNvLnMuLx6Fc24SRQ8aL%2BGGQa5kCDJk1qZ%2BM
sync.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id-v3 Value: s%3AAQAKILOkp0tJIG5yA_iq_H4rDZAgPpUGIdiJeXPMFI9-aN6zEGcYBCCHs7mzBjABOgTwTC9rQgSiV1Uv.%2F5G3gxFKSFTCzftpz4RK0CROuLiTBM3DREVmu%2FEmKVY
.srv.stackadapt.com/	1970-01-21 06:07:23	Name: sa-user-id-v3 Value: s%3AAQAKILOkp0tJIG5yA_iq_H4rDZAgPpUGIdiJeXPMFI9-aN6zEGcYBCCHs7mzBjABOgTwTC9rQgSiV1Uv.%2F5G3gxFKSFTCzftpz4RK0CROuLiTBM3DREVmu%2FEmKVY
.smartadserver.com/	1970-01-21 06:07:23	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 06:07:23	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.mathtag.com/	1970-01-21 06:47:43	Name: uuid Value: 5862666e-5988-4600-abf0-3ec4d7c176f4
.w55c.net/	1970-01-21 06:50:35	Name: wfivefivec Value: ZGXihQJ91SiGpx5
.w55c.net/	1970-01-20 22:04:59	Name: matchcasale Value: 5
.bidr.io/	1970-01-21 06:50:21	Name: bito Value: AAECuU7M3LMAABM6J8yvUw
.bidr.io/	1970-01-21 06:50:21	Name: bitoIsSecure Value: ok
.analytics.yahoo.com/	1970-01-21 06:07:23	Name: IDSYNC Value: 18z8~2j0r
.yahoo.com/	1970-01-21 06:07:45	Name: A3 Value: d=AQABBIdZbmYCEO2IgSEkHpEvS-G32gTJOwcFEgEBAQGrb2Z4ZtxH0iMA_eMAAA&S=AQAAAsf6xkNC0TuCBMtSCBAPQ9o
.tribalfusion.com/	1970-01-20 23:31:23	Name: ANON_ID Value: aontmIq0I1f9yNy6PgmFnYB56Xqd7poxKX5HgpMBDJ7548hH8SAUTFL7nvJJNopu7lynLiNU6Zc1Cj71PjTf86ls5
.creativecdn.com/	1970-01-21 06:07:23	Name: g Value: k4ZHW3cVdmsJG0ULIQ2N_1718507911911
.creativecdn.com/	1970-01-21 06:07:23	Name: ts Value: 1718507911
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_148 Value: 19421-uid:43BA71C49F7B478BB7FCC204F83BCEEA&KRTB&23486-uid:43BA71C49F7B478BB7FCC204F83BCEEA&KRTB&23489-uid:43BA71C49F7B478BB7FCC204F83BCEEA&KRTB&23539-uid:43BA71C49F7B478BB7FCC204F83BCEEA
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_153 Value: 19420-Qr4N6kGxA7hZ61rsQ-4W7RCwWrxZuQLtTb9M3Qvh&KRTB&22979-Qr4N6kGxA7hZ61rsQ-4W7RCwWrxZuQLtTb9M3Qvh&KRTB&23462-Qr4N6kGxA7hZ61rsQ-4W7RCwWrxZuQLtTb9M3Qvh
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_80 Value: 22987-CAESEPBbICqpRJH0kkAZ-iIns3k&KRTB&23025-CAESEPBbICqpRJH0kkAZ-iIns3k&KRTB&23386-CAESEPBbICqpRJH0kkAZ-iIns3k
.sitescout.com/	1970-01-21 06:07:23	Name: ssi Value: 789ff1f8-ead8-4e0d-8fc3-9bf397761d76#1718507911975
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_1003 Value: 22761-1bc1e97e-2b8f-11ef-adbd-315b3a19b370&KRTB&23275-1bc1e97e-2b8f-11ef-adbd-315b3a19b370
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_107 Value: 1471-uid:cpfr4wcz1SiGpx5&KRTB&23421-uid:cpfr4wcz1SiGpx5
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_860 Value: 16335-v2erzjmFWVRWDBib4Hp3YyaEdkw&KRTB&23334-v2erzjmFWVRWDBib4Hp3YyaEdkw&KRTB&23417-v2erzjmFWVRWDBib4Hp3YyaEdkw&KRTB&23426-v2erzjmFWVRWDBib4Hp3YyaEdkw
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_377 Value: 6810-73ded3fb-f278-44ca-b585-e3ed7a583ed1&KRTB&22918-73ded3fb-f278-44ca-b585-e3ed7a583ed1&KRTB&22926-73ded3fb-f278-44ca-b585-e3ed7a583ed1&KRTB&23031-73ded3fb-f278-44ca-b585-e3ed7a583ed1
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_27 Value: 16735-uid:5862666e-5988-4600-abf0-3ec4d7c176f4
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_1199 Value: 23168-00000147885F6843&KRTB&23175-00000147885F6843
.sitescout.com/	1970-01-20 22:04:59	Name: _ssuma Value: eyI0NSI6MTcxODUwNzkxMjA0M30
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_1278 Value: 23329-636ef911-81e3-440a-904c-361392bd61d3&KRTB&23340-636ef911-81e3-440a-904c-361392bd61d3&KRTB&23498-636ef911-81e3-440a-904c-361392bd61d3
.mxptint.net/	1970-01-21 06:57:47	Name: mxpim Value: R35CA9_1172FC4A9_5C82049B.1.0000000000000000666E5988
.ipredictive.com/	1970-01-21 06:07:23	Name: cu Value: 891e681c-4bb3-4cbe-bb41-4d9c67669c2f\|1718507912093
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_188 Value: 3189-789ff1f8-ead8-4e0d-8fc3-9bf397761d76-666e5987-5553&KRTB&23418-789ff1f8-ead8-4e0d-8fc3-9bf397761d76-666e5987-5553
beacon.lynx.cognitivlabs.com/	1970-01-21 06:07:23	Name: UID Value: 274579de-6a04-4a28-8efc-a39c06338095
beacon.lynx.cognitivlabs.com/	1970-01-21 06:07:23	Name: ss Value: %2BuFT7MsD9jaYou817WR5EX8KgH9MZI4pitK5fLP6lpeKOLEeDxhxqsImmNg7HLqT3tCbI%2BDzGQmwLWmLoycBow%3D%3D
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_52 Value: 22772-R35CA9_1172FC4A9_5C82049B&KRTB&23092-R35CA9_1172FC4A9_5C82049B
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_279 Value: 22890-891e681c-4bb3-4cbe-bb41-4d9c67669c2f&KRTB&23011-891e681c-4bb3-4cbe-bb41-4d9c67669c2f&KRTB&23355-891e681c-4bb3-4cbe-bb41-4d9c67669c2f
.adentifi.com/	1970-01-21 06:57:47	Name: adtheorent[cuid] Value: cuid_1bfc1e02-2b8f-11ef-b022-12fa6b58ae11
.rfihub.com/	1970-01-21 06:43:23	Name: rud Value: H4sIAAAAAAAA_-MSNrS0NDS3MDc2MjU0MDMzMTI0NRPiM9QtdUl1zvMMya5IjqwAAIGgaZ4lAAAA
.rfihub.com/	1970-01-21 06:43:23	Name: eud Value: H4sIAAAAAAAA_9vEyGtobmhhamBuaWhkaGIEADZHjN8QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrS0NDS3MDc2MjU0MDMzMTI0NRPiM9QtdUl1zvMMya5IjqwAAIGgaZ4lAAAA
.smartadserver.com/	1970-01-21 06:07:23	Name: pid Value: 4568350679479240257
.dotomi.com/	1970-01-20 21:21:47	Name: DotomiTest Value: 3d27be5edc6305a8
.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/	1970-01-21 06:57:47	Name: _ga Value: GA1.4.823291055.1718507908
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_22 Value: 14911-3826354025297189963&KRTB&23150-3826354025297189963&KRTB&23527-3826354025297189963
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_632 Value: 23041-xbTJ0v4YBRfS8adjUehhToZs6xzCVZe1cy8p9BYAh54&KRTB&23047-xbTJ0v4YBRfS8adjUehhToZs6xzCVZe1cy8p9BYAh54&KRTB&23234-xbTJ0v4YBRfS8adjUehhToZs6xzCVZe1cy8p9BYAh54&KRTB&23361-xbTJ0v4YBRfS8adjUehhToZs6xzCVZe1cy8p9BYAh54
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_18 Value: 22947-1991787325106642156
.rubiconproject.com/	1970-01-20 23:31:23	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 22:04:59	Name: C Value: 1
.tapad.com/	1970-01-20 22:48:11	Name: TapAd_3WAY_SYNCS Value: 1!4035
.linkedin.com/	1970-01-21 06:07:23	Name: bcookie Value: "v=2&f7cb583a-7574-46a6-8a3e-c8c34a33bd00"
.linkedin.com/	1970-01-20 21:23:14	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3273:u=1:x=1:i=1718507912:t=1718594312:v=2:sig=AQEaFrCji33VanC50uWbUotYPxWHJUf5"
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_16 Value: 1550505354400
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_37 Value: 37aff057-176c-3f88-999e-7713bf299ca3
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_44 Value: LXGSWSJ5-1K-HVYN
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_45 Value: 6BFB0ED7-C32D-4E10-AC8B-217CE6612914
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_46 Value: 3898234790468774557
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_48 Value: ab482c8b-d099-4e3f-a90b-e1bdc995a1e4
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_49 Value: AQAA8x8UxXyDCQJC2qyVAQEBAQEBAQCRH2qPvQEBAJEfao-9
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_50 Value: 6e2492c7-1148-45b0-98a2-8350550f23cf
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_61 Value: 212495098561481
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_62 Value: 3614988821523618000V10
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_64 Value: ADLkeh3qoP5633cvrIcdsisXmqjgppRb
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_7 Value: 77cdddf0-168f-4282-b9fd-76b81a1164e7
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_70 Value: 1670164501887-983826026107-007675-011-002667
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_73 Value: AAECuU7M3LMAABM6J8yvUw
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_76 Value: RX-96436eda-b411-42f2-87c6-01013ccba112-005
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_77 Value: m9586NjkWKRacGjKakoolrXM0kf_B7IejVJduejFyLs
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_80 Value: y-NG_dHgZE2uHc7Cb.AqzO3OxBZDpFIS0R~A
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_82 Value: Zm4wAsAoJaUAAHWhAKJA2QAA&2904
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_83 Value: BzKIS13TXEMI
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_88 Value: 418477390477247255045
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uidp_90 Value: d61c15db-ca8e-422b-89fc-75ebf2d03234
.technoratimedia.com/	1970-01-20 21:26:07	Name: tads_uidp_91 Value: 6036790348656135630brt77751645033995481903ac
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uid Value: 88DC07C9169346F3A3D222DFC6E4FA5F
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_uid_cd Value: 20240504022915+0000
.technoratimedia.com/	1970-01-21 06:57:47	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 21:23:14	Name: envelope_liveramp.com Value: 1693142250488
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_32 Value: 11175-AQADcKnw2ESu3wIkFsu9AQEBAQEBAQCRHgy9JwEBAJEeDL0n&KRTB&22715-AQADcKnw2ESu3wIkFsu9AQEBAQEBAQCRHgy9JwEBAJEeDL0n&KRTB&23519-AQADcKnw2ESu3wIkFsu9AQEBAQEBAQCRHgy9JwEBAJEeDL0n
.nrich.ai/	1970-01-21 06:57:47	Name: _nauid Value: e0edfedc-a3b2-467a-9d1e-270da4b9ae84
.adform.net/	1970-01-20 22:48:11	Name: uid Value: 8345281979548342706
.rubiconproject.com/	1970-01-21 06:07:23	Name: khaos Value: LXGZ8N9B-S-1JB9
.ssp.wknd.ai/	1969-12-31 23:59:59	Name: rubiconUID Value: LXGZ8N9B-S-1JB9
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_391 Value: 22924-8345281979548342706&KRTB&23263-8345281979548342706&KRTB&23481-8345281979548342706
.rubiconproject.com/	1970-01-21 06:07:23	Name: audit Value: 1\|bkDoWXyPEWp7b683rkZYH1ZJPuBWYGHJQhImnbX/Lt48fCYmOTvXgwjNW8M0RMY6LcURFMgElSNS8G+dhi1GhVEzNmZkqoUp
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_466 Value: 16530-8c7fc10e-0b17-4194-ac7c-0a23aebdbcc7
.lijit.com/	1970-01-21 06:07:23	Name: ljt_reader Value: I1XGAQZHyCgdd1_6SOG1C5oL
.smartadserver.com/	1970-01-21 06:07:23	Name: csync Value: 127:AAECuU7M3LMAABM6J8yvUw
.lijit.com/	1970-01-21 06:07:23	Name: _ljtrtb_80 Value: LXGZ8N9V-N-31KV
.primis.tech/	1970-01-20 21:57:47	Name: csuuid Value: 666e59888b462
.sharethrough.com/	1970-01-20 22:04:59	Name: stx_user_id Value: e2d26635-ad2c-47e2-8c3d-eab1dad38e35
.intentiq.com/	1970-01-21 06:57:47	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 06:57:47	Name: intentIQ Value: g8mxxUFHNM
.civicscience.com/	1970-01-21 06:57:47	Name: core-att/484 Value: _NA
.civicscience.com/	1970-01-21 06:57:47	Name: core-att/7078 Value: _NA
.civicscience.com/	1970-01-21 06:57:47	Name: core-att/191337 Value: _NA
.contextweb.com/	1970-01-21 06:00:11	Name: V Value: e4dvfvrQkH75
.contextweb.com/	1970-01-21 06:00:11	Name: VP Value: part_e4dvfvrQkH75
.contextweb.com/	1970-01-21 06:07:23	Name: pb_rtb_ev Value: 3-1rym\|7dN.0.AAECuU7M3LMAABM6J8yvUw
.contextweb.com/	1970-01-21 06:07:23	Name: pb_rtb_ev_part Value: 3-1rym\|7dN.0.AAECuU7M3LMAABM6J8yvUw
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3c096f150670f441
.intentiq.com/	1970-01-21 06:57:47	Name: intentIQCDate Value: 1718507912874
.intentiq.com/	1970-01-21 06:57:47	Name: CSDT Value: UEQ6MTUxMDZfMCZVRnBNNElW
.intentiq.com/	1970-01-21 06:57:47	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 06:57:47	Name: IQPData Value: 59855838#1718507912873#0#1718507912873
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_699 Value: 22727-AAECuU7M3LMAABM6J8yvUw
.demdex.net/	1970-01-21 01:40:59	Name: demdex Value: 67882156063263477582044618842388989728
.dpm.demdex.net/	1970-01-21 01:40:59	Name: dpm Value: 67882156063263477582044618842388989728
.pubmatic.com/	1970-01-20 22:04:59	Name: SPugT Value: 1718507913
.adsrvr.org/	1970-01-21 06:07:23	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwj40qeEoe-GPRAFEhYKB3J1Ymljb24SCwjQgseGoe-GPRAFEhQKBXRhcGFkEgsI5ImliKHvhj0QBRITCgRrcnV4EgsIjqDtkaHvhj0QBRISCgNhYW0SCwj0vu2Roe-GPRAFEhcKCGFwcG5leHVzEgsIkN_tkaHvhj0QBRgFIAEoAzILCPbz776374Y9EAU4AUIEIgIIAVoHZWFjNmtrYWAB
.ads.pubmatic.com/	1970-01-20 21:23:14	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 23:31:23	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 21:23:14	Name: pi Value: 156512:4
.pubmatic.com/	1970-01-20 23:31:23	Name: DPSync3 Value: 1719705600%3A261_260_259_201_263_262%7C1719100800%3A252_265
.pubmatic.com/	1970-01-20 23:31:23	Name: SyncRTB3 Value: 1719100800%3A15_38_2_223%7C1719360000%3A63%7C1719792000%3A35_268%7C1721088000%3A224%7C1723680000%3A69%7C1718928000%3A216%7C1719705600%3A250_54_55_48_234_238_166_56_249_220_233_104_178_71_214_243_8_3_267_99_81_46_176_266_240_13_5_264_165_21_7_22_96_231
.kargo.com/	1970-01-21 06:07:23	Name: ktcid Value: c365076b-a128-0e54-5898-6ae70b5a1b8c
.iqzone.com/	1970-01-20 21:41:57	Name: iq_u_key Value: 975001d0-6349-4d2e-a6d6-98169e3e2299
.iqzone.com/	1970-01-20 21:41:57	Name: iq_r_key Value: 277
.ctnsnet.com/	1970-01-21 06:07:23	Name: cid_a16dafa10e564f5695b1fc0960310353 Value: 1
.thrtle.com/	1970-01-21 02:09:47	Name: mc Value: eyJpZCI6IjE2YmViZmQ3LTU5ZDktNDMwZS1iMWY2LTk3ZjA5MDg3YmU0NiIsImwiOjE3MTg1MDc5MTQ4MjUsInQiOjF9
.pubmatic.com/	1970-01-20 23:31:23	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.owneriq.net/	1970-01-20 21:36:11	Name: p2 Value: pmc
.owneriq.net/	1970-01-21 06:57:47	Name: si Value: Q7717943141853645658P
.owneriq.net/	1970-01-20 21:36:11	Name: pmc Value: 1
.adsby.bidtheatre.com/	1970-01-20 21:31:52	Name: __kuid Value: 3e6dc1e7-84f8-4414-8307-7750bba8b1d7.487721915
.adx.opera.com/	1970-01-21 06:07:23	Name: UID Value: OPU3f1ecf30e73c42ab9cda514967ec8366
.csync.loopme.me/	1970-01-20 23:34:16	Name: viewer_token Value: 8f77ac62-6b7e-4b31-a708-ca7dc1ac96b8
.pubmatic.com/	1970-01-20 21:41:57	Name: KRTBCOOKIE_1323 Value: 23480-OPU3f1ecf30e73c42ab9cda514967ec8366&KRTB&23485-OPU3f1ecf30e73c42ab9cda514967ec8366&KRTB&23524-OPU3f1ecf30e73c42ab9cda514967ec8366&KRTB&23575-OPU3f1ecf30e73c42ab9cda514967ec8366
.pubmatic.com/	1970-01-20 22:04:59	Name: PugT Value: 1718507915
.pubmatic.com/	1970-01-20 22:04:59	Name: KRTBCOOKIE_904 Value: 23554-dSPYVgKFBFWWKQ1Fi1luZg&KRTB&23557-dSPYVgKFBFWWKQ1Fi1luZg&KRTB&23586-dSPYVgKFBFWWKQ1Fi1luZg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com/ Message: Access to fetch at 'https://cdn.sided.co/embed-assets/embed/updateSession' from origin 'https://mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://cdn.sided.co/embed-assets/embed/updateSession Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

803fdae72fe670ac65bcac8d4ee7a82e.safeframe.googlesyndication.com
a.ad.gt
ad.doubleclick.net
ads.pubmatic.com
ajax.googleapis.com
analytics.google.com
api.bounceexchange.com
api.ipify.org
api.rlcdn.com
assets-varnish.triblive.com
assets.bounceexchange.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.civicscience.com
cdn.firstimpression.io
cdn.hadronid.net
cdn.prod.mktg.evvnt.com
cdn.sided.co
cdnjs.cloudflare.com
ckxj10om5j.execute-api.us-east-2.amazonaws.com
cloud.typenetwork.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual-analytics.wunderkind.co
cookie-cdn.cookiepro.com
d.turn.com
d29xw9s9x32j3w.cloudfront.net
d2zqfs55y95cft.cloudfront.net
discovery.evvnt.com
ecdn.analysis.fi
ecdn.firstimpression.io
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
events.bouncex.net
fastly-cloud.typenetwork.com
files.triblive.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
get.civicscience.com
googleads.g.doubleclick.net
id.hadron.ad.gt
id.sv.rkdms.com
ids.ad.gt
image2.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
measure.analysis.fi
mesearch.ai
mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com
mp.mmvideocdn.com
p.ad.gt
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.tapad.com
pixels.ad.gt
player.sendtonews.com
s0.2mdn.net
s2l.sendtonews.com
search-module.s3.us-east-2.amazonaws.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.smartadserver.com
tag.bounceexchange.com
tag.simpli.fi
tagan.adlightning.com
token.rubiconproject.com
tpc.googlesyndication.com
web.adblade.com
widgets.outbrain.com
www.civicscience.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
cdn.sided.co
pagead2.googlesyndication.com
104.17.25.14
104.18.35.167
104.18.38.76
108.138.106.33
108.138.106.50
108.138.106.70
108.138.115.149
108.139.29.122
108.139.33.128
142.250.176.194
142.250.65.194
142.250.65.200
142.250.65.238
142.250.72.100
142.250.80.66
142.250.80.70
142.250.81.226
142.251.35.162
15.197.193.217
151.101.193.91
151.101.65.91
172.67.74.152
18.164.124.24
18.173.219.5
18.210.213.167
18.238.49.105
18.238.49.62
18.238.49.67
2001:4860:4802:32::181
208.70.69.156
23.105.14.106
23.201.174.84
23.47.170.102
23.56.163.14
23.56.163.191
2600:9000:23ca:e000:3:9dfe:0:93a1
2600:9000:24f1:800:18:1fcd:354:4b41
2600:9000:266a:3c00:e:8add:c340:93a1
2600:9000:26fa:200:f:c7b3:ce40:93a1
2600:9000:26fa:5200:f:c7b3:ce40:93a1
2600:9000:26fa:a400:8:4487:bd00:93a1
2600:9000:26fa:dc00:18:a82e:7180:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::6816:a40
2606:4700:10::ac43:17ea
2606:4700:4400::6812:2089
2606:4700:4400::6812:2894
2607:f8b0:4004:c21::9b
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2006
2620:112:f008:200::101
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::714
3.130.242.255
3.23.7.186
3.33.220.150
3.5.132.192
34.107.165.188
34.111.113.62
34.111.8.32
34.120.253.250
34.171.47.125
34.98.72.95
35.153.26.62
35.244.193.51
44.208.97.87
52.32.228.149
52.85.61.120
54.82.243.165
54.83.235.193
68.67.160.117
69.173.151.100
69.194.240.13
8.28.7.83
002223751afd83ca7107f5b8081a10597a3d42526b4423d8dcad8c041fc19537
010822c1a82b3f24bb53c64dece0d88d36790bdfcf82e284cb41145edcb6cc38
0124b695c7c31d57d715eebe668e348a03ca1cb5cbb573fa1e79aa2ce6b3210d
02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
035e9cc56eebb32c7f0ec20c074081823ec1923ea3f6cfd2d0f99bff864e0a4f
039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f
04ca6fe37a53dd62d17faf5e22b0882cc77e686925a4a97ff98f0418915cdd95
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1e7fbf43c79f2e725fa588b6160a948fe6d1b7516963331ea36110a1a0cbc6
0c46d3b5218424bc0cb4c868abfc21fbcee6fab184289a77928bce49ac3d5ba8
149990dc0dacfa08c0c8c730471004154fac9ebd09c1eae0513ae71d0050b347
179f79d98e3aa3134f22b606b9890532576ee83a553633794bafa86f198eb7d1
17cdbd32fb1ba8f4e2087492e8a3f648fecc18ef52a44fc86e5fba2d1e48df49
1874f4047ddd46cd610b128f9d39a22263514c68cc2f70a081cc6bd2f63ff402
1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b
1b3eafba1f0582fadb4c358ee62a12689984c3157c1f16636e5c0a1ce80745ff
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d22ff2db56f5753470cd48729c733aa38ef15705c62f028812cdd3c51e640a4
1fcfb15c53d7f3e3cf9a40336cb114d0c51f0b11500419f4a846a64e4e3dee70
21cf09a0e9e4dca2c208eca20126a1bccbbdb66c40df1002c0e247217a3656f9
248c4fe6809000f8733491af1d1030629071dd35a9ec6613a8e1df244cad725d
24cb81adf275f417b3171c20437dd23d50284758093dad74ab48dd71c95f60d3
251043076ee86cfc57713724d4a7e04825ec726c56d90170b1f9e433d831f1b8
27b18cf2092cb8889551509e9e71a615cfae40f24371903465fa8d8415658a36
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
28f8f9ce159acd9cf12c04f5f3573df026df8a4ee068911955966b479be43d3e
29b2e587c48b1ffc007e3fae3bf123cd885b6b0644685822f7128f80f97ac8c4
2be9d43e2e534c4819e1433d382c3b61c95c4c86fb450a4f8afbb6ef6b081a1c
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
2f648e600f33f7e29ec39bd4d1d8ff5ecdea49742c4a2700d192737b812b547a
2fb7f9c5ac604e1f50795236a51c4c1ae259986eeb1e84c052f52b8e7173a0ea
3154300b6000424ff182221a9bb440cbb029c768e4e0de4ab7d2cb09ce2f02cf
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
343e172044532b028c3a2338d33cbee3806fb1fb0d75ab67363b00846d3c3f61
35049bd7284f12feabdc00514109054984d88ec7a32d4e59f2dac7fa5a08339c
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
386091e2eab50e4f8599e7fd1af4ecd0d25afe596ece27e58a48878f8a122b86
38decf7df40e0a2697b2927061b78a370efee2059686085c39a16e146aaf5a9f
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c2b0d137df8c7cdee13a3ea427d7950d3f2f5ffe652f15a35ff3a46278052b2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
403b968c802d8beab0dba7b3436a1557f0800a473e7f479b41d0b1680160d494
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442ded1995bed09d71ebbac985047547e1d12bee2b9824486333e44b0d6365ca
4772438aedb8628f28f6d46d2f7c960bd1dbe59e147978220007293e54904d43
47f34d12f2b55d9c9aae41b6bb721a4e4f6f594aa841511973c4ce74062fb87b
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a6005a7fcf96135e34f7fef30e9fd16591bd7457b5ea0c396a25b40a39ba947
4b65d30a7e743efda6ce132d7a02b5c731ed2d884fd838bea3dc048e8d1f0166
4c616e8e0976d1f702bfd412be45dc574b304cfc8f40c758f3a5b800c31f5adb
4dc3ce0803ede101d65e8257f6b5cf9c81d939ffb21770a0d7588f236ea3bff8
4de6067d6c116b81dd1a4fcd252e3c3e2297ae01c576b63fabac8f8655b4787a
4ee4c59b6a89d90dcd3ecd7ffe67f75c011409bc5732163dfe608284a36daef2
4f1570f755876089f84b98bfc1ceef920cf11cc0c9ae0f55f14f94a7b6a74f50
5009c577d9292651b0a789b070bd6d75f4f6964f7561ea8454fdbfe7cce2af91
51125ddd8c48732083e670f42844a8d409fcc9b7205f96ed17d6346ebb174000
51c9fc7ef34c60d15389d98b967671d15181fa3c51ed6b77ef0627496c6c888b
53944826d87b2ae7dd3972d86f3ec63c40c85f45ab802c42ca1b5dc5b0b84841
55ff3437d82bb81bc0f77e66a3a45559857def61b7a4963931a059e2b3251a4b
575c495c2f29e05efa11b5fcf472e4cd5a63ef7ba9f404460434fffc1d02d9b9
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58e75c96398251a93276df6a8b8c82e861bf48c495ff42bc0b524fc5a1f2932f
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5ac9b61d78eb046b56e45011f250299ebb248dc8267155e9a097250d53246c66
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
5ec1f7e700f37c3d0b2981d04855fc34b94aaa15457b05ca571817442d228f81
604188218977044d9d3ec19fbbe24ddf278d6a051f7e43d639c003504376aaa8
605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6113e9800a31c7830969cc082c2c14e5b52e794170118e525812cd7469f156bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6696ed43d6d776de48975f4c28e254e10917c6af9e789d85a0747dd0df73b011
66a1f8600190f0d61de992407b1f19f713810f1b1c6d573089c07a25477c80a6
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
684eb7f5943ee1b4635fa80766c33b94b0468838e94ff7b4cbc1e9ca6b138dcd
68eab682fbe6990ca734c80baf13de79bd0156687ef72ab808b9ade11cde7133
6b7f5b25c667479eba0f35c8a6235fff3a8e30ca06aff6599e7f1818391db0fa
6b8ae2109eff1f2f1fc60fcf5e5e3fc1c9056bd25378363e7a93e673b851dc76
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6f68e9c110d872999e924d40ada1bfee213e791b9d4d5719ec6745b086b4210f
6f6f12e6fe28dfb472be821df4993f21be3037426930b37aa29d78edad54f05f
71649c7a9b577df0d23d604e8790430445a5d9f7b313c28fa05a2cc1f69e0551
719ca11117c3b80c55790506cfdae167cb9da854d09d553dde105bf809d73a90
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
73b28c8abb50de116892581c994318aae38e4c8b436abe1094daa7270e9081db
74d2e71410208136224597ec0ac66a8da954a4fd5e3c917c019138543d7c2910
75a6c35fc5243f7ad007302f8c4b966fb0e5679160cc1e9065a2240f8987e11a
76a9257ff3393c6dbf64b09e8b9e7ac2def45258f8e81a65b0178ab7cd63cae8
76bf244306d8cd21c0a92a27dff2d373982081082765133743ee5c52138f820f
7757f78ee01ca081e47831a495f02534510cfe510a41544bfe1a99fc9f2808c0
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e3c36359d0ec20dd525d3d88079caf97811953d34c2ddb75e04d5d489f0db77
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
80b8d47e64fe0cd3e58d5b5f6c148a369eb9b4645821cf56334768ba37c56fea
81c263983ccd8fbb85c681d15bd19b34f1afcf7fbc43909e6217fb5615079b1e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82e7151b64aee75032616c2d4855c56eb04f0ec30533e04e8acc76574e68e444
84118fa5c9f27283692d0fb0bd058fc1a3c105a1bc8045e2a82ed19d52de237c
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86260408ac5824b944780a7997b9a938fabeb055171807f11ced8465d93ea41a
86e99781037de04c8c0570411754e5a0effff49a73ac06ca5414d42f708b7160
86eafef69aa7f8de7be2564f5c01e107e3dd86993e3603eea9d4df2ebe79c6d9
87f49d9b3fc829256e2646a160cb393e1e32a0264930821fca464014a116dfb3
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529
89c4038259888710b2b7e60f247c9b86b439abb62afdec1e10d240c17bed351f
8ac677c8305c63efea4d8ec6b03cc018291e445a8d08a91dd004157614a54e72
8b7333122b15217620584bc0eb575f8b53552111c36b150c507d7d2dfd21fee4
8e4704ba515d8e85bdd09aab4863b48433cfdfcf1e69c800a64ee7060060654f
910ff73862ed4bdf535faeac229680eaeb85ce8daa6fe255db68ee1b85f79261
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
96233ad096f801ed1be61fd9e1e0f2300d0f8a78c13cbf8d59c7ea85d3104866
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9975060916a688b50ea9378b46c9c0ee116843ec8d4752d0a9fccb08d31766e4
9a05f9ca31cb57578e6200a42d680ff324682d2e0c0e78da2dfeda2140f42153
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9baac1819a4feff56a27ebf6c019a035217c7738af8fd1515281e2b27c0769fb
9cde9396699620f67d5b594f00c4e52a2c33f16f262425e416717a5f59d2af34
9d63b6faac36178b1e48dcf9191d63c0e8c15f67d1874b99472e16c31ac7c10e
a0664e990cd11b5424359189a98d6a4999f20e455d1cd1423344ab4827cd5fb2
a3c958c938d9d52413ae68cea527bead597709ee377b3db0b6c5b7e801878bbb
a59150fba1c64789ac1e0bad98fa1db48fe0f5fe8eba74cc0e51d9d1c2ab69ab
a5a5e4b90634f91553bde7476a11e4f49ec83ae15f5be30304644b8b6b9202dc
a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141
a7df8397989bd64872d168997c35c2a529ca825b87b897ca6c4351d8ee0d2843
a89014356bcf19f60182edae35da2645b5edcf20c541fa30810bcd6968213c5c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ade94da0fbdd2afc8439d9201597967358f4063f98c089c1186f7c05c36072fc
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
afac95ff92685ed7c73397ea600962bbe626f20b9222ed69fe3dfb588686499a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b007d08336cbab51c2bea5ad4af136decdd0148f180015ad17005d7173070579
b1ae86c573ab73a2175b2360b85aaa3c722bf1cef18920e5f5eaca4256f3fee7
b25e755bb5c3beb124f7997f0026a6d3b072d99a07031293166a542ef0cfb3f0
b2f25671517f19b9c477ca58527ed79a2f3902d04de4d0032c91caede08c885f
b39fc4afc6004dbae5a2e53bf954704b7970abf48b60542ac04ef94616dcaac9
b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e
b70f4996d1e5b8428d4b9c55db717d009ccb718e72ff18bb34e64ecc3a524e49
b853d534d582b2b5f8a79dbdbf7addc12f8882fc52c4bb2ac64b8a5a106a1801
b9e158123f5d70a22c1cb11efe8d5f43217dc38d0b0663157e1af66e4dc142b9
bff6fed30551c83dc284d4251dfe05dd2206f8824682cb7cdb462c672ce57f01
c043afdf87f8578799ea585dcdd043496fb359ded3c473db39872a497f1b4028
c044b57641e6bd06e236932599393f9501acb0655012b09617dbe6124d78b40d
c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b
c13d04ce8a8ae9d5ef4e8f1f915b759ccc9646386a4f743d9b46528a6d818b7e
c1483ad1f88a63620e340e12810771ffaa2060d938c962f5ad4323316ecd7907
c3c307a8c03a16d52e8cdd2343f2c4a02656c3f8b8ffa807ef6ceffe101efab1
c646ff7bcc2b746ff149c41b6495ee20edbe3398903ca6678f85e92486f6cfe8
c64ff2bafde456b1f4e622adf2a7c3ee4d2c7ed2a96aa953b0f419fbe236e3bf
c8a6db0071ffad48a7e97d548c95976c40fcd145b57cb96eab4b9d0923577a25
c90a7c747e1f51fb34ca6edce323e84ff7f438e03ee90133a7e001676af3ed42
ca648ea619ca5219bdb5c7aaa4a9d15527e9f9b8afb314602bc84311ed5217a8
cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb
ccbcfe685f4f66143fb324f2d6cea6d2baf0ff52a8afc5ed8d48b73af008add6
cda4c3cec914a41bdd1767524e425e13c5e071aba0d66fe00e52f88f1fb9a595
cdf768e515e34c57aab6d7507d1192dbd63bd1b4af751275e41d823286f64c7f
cecf419eb9c068b6a4da39eb0e34613c07cded242400eb97467da889de2b6ab9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
d3a8ce67fe741a9a597388d6972da38f254b06f2659d89be43910ba5cd9301f9
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d6f1a4d20fd8c9a46d89a5d1dbc3ead5e33a31933a05c99604b098d03133e862
d77dc3ff69c567e1a16785b3cc814d96f492d058c4538f206d65145f07a9e4ad
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da4737985a1f7986caa995482679b3aaded91548740b995975e3f48ebd6511e3
dab76521c283290398a2f6b2da0ffdbdd4c23bcd0b712d9cccfd940f585d50eb
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc05dc90ce0b01c8a5ce83cfd140dab23acf313860619895420cdb420d76c013
dc7a702cd54df304f322f5e65b4c0d2b310a53e89c298a5d897095b820902315
dca4ddebc66503acdcdf9584f06df7e2ef6a730307d9700a7cc5d1e20554f84e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaa2ebfb2a756cf9bafc0d0795e66c672f8451c4bdcb87822bdf80f6a43041f
dfe92655b5b80e6c14a402eb69200bce796fdb22f0c06fdb7dbdb96fe6b311a2
e0b25ef5e049d75cfce4182c9138a659e8caf40a3a2466ec985a25eafe60081c
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e2e7cc185a2cd22f9557f6eed32c8409aefc9a528f880d33bcb5aa579cd16a4c
e377e0a5e412ca19d5e199c5068b4affa6933e3a59d37b403361b43de292e524
e387ea41e08f3bb1ef39a8184ac534d13405ccff0d4795338c5989ea8f15c54a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47ce84991c458c8f17232fec78048b31136f5af236a4c4b256b387e951219cd
e5da457f1a1fac2f05ec1e0c7e95f892351fd3558b907a6608ed74ee73ffa80a
ec0be09c5b8d31be403c97c680a10da03894d9f27b25245b5860aec33f37bffa
ec2f607eb8d72d02304be94e060dae64a93a875fae8dcdc36f8ff36e3f9ab6f4
edd4a76cd6669fe6405b7dda001e91caff4010216146f1c38860b703a4ac6e1f
ede3bf9e3f2e5db1586206300c29ef3a6ad704eaa7603b2ef7f8d46450b63b8d
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8eaf92e36a2407761a5345e0abc55f3bcf0e4bcd9262a1d24df3f03c7b992a
f0649bd6e3b2432eb940d6f1758a4f4a560ea054495452fb967fff918d7a577e
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f12b79d7404cc2fd5eae9cb8f473ef529abecda97ee2a07fc03983a082514404
f1c47b530099b2d4785e3e97e6d84c67a1fef2563fe7499715948fd060a80e68
f4ab507a816906136d0ea985f089ee666acd8a10850ec718e67cd98ca23a8081
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f562b156c87077217e04efb44c5d87ef05f9bbe800ec355a86c7d73686c9f44d
f6ea2cc680ddc0c887c4929857d7747a9b4299bb617397f242b010f28a62b4da
f863f4fe35f3d935c52ad4eb20534649464d132cd9d06ca5ff0c5076b9c90d64
f8bd27657d5373067aa3e9d8885497855c6284d495706dfb1ccdf0cdc0bc3391
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fb390d9ec76311b4278dac158f9f636853bc77a6f4d4b0762e8b44d84723c5ca
fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe3e965f1eb56e21e206d5ee74366f5d53cd187cbed9971258eedc74d8560d52
feb2e3f9f35d24d83b2dd7c57453282a8cefd8a4a996e6b6f5f67f2285725c2f

mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com Open in urlscan Pro 3.130.242.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

302 Requests

84 %HTTPS

35 %IPv6

54 Domains

89 Subdomains

82 IPs

2 Countries

6895 kBTransfer

14797 kBSize

177 Cookies

94 Outgoing links

Redirected requests

302 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mirror-stack.bmqjcgwzpd.us-east-2.elasticbeanstalk.com Open in urlscan Pro
3.130.242.255 Public Scan

Screenshot
Live screenshot

Full Image

302
Requests

84 %
HTTPS

35 %
IPv6

54
Domains

89
Subdomains

82
IPs

2
Countries

6895 kB
Transfer

14797 kB
Size

177
Cookies

302 HTTP transactions
5 data transactions