www.greenstate.org Open in urlscan Pro
40.122.75.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mwbonline.com/
Effective URL:
https://www.greenstate.org/midwest.html
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 18 via api (May 18th 2024, 7:53:49 am UTC) from IT — Scanned from NL

Summary HTTP 122 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 43 domains to perform 122 HTTP transactions. The main IP is 40.122.75.103, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.greenstate.org. The Cisco Umbrella rank of the primary domain is 350832.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 6th 2024. Valid for: a year.

This is the only time www.greenstate.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.106.200.1 89.106.200.1	209626 (ENFLOW) (ENFLOW)
2 40	40.122.75.103 40.122.75.103	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.0.63.252 192.0.63.252	62659 (Q2HOLDINGS) (Q2HOLDINGS)
11	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	104.18.4.175 104.18.4.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2.16.1.171 2.16.1.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.1.39.142 52.1.39.142	14618 (AMAZON-AES) (AMAZON-AES)
4	2.17.147.122 2.17.147.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
4	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
17 22	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:25e... 2600:9000:25e8:f600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:f280:da4c:a0a4:5da6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.171.139.95 54.171.139.95	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.113.198 3.127.113.198	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.6.113.5 52.6.113.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.217.66 2.19.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.40.72 52.17.40.72	16509 (AMAZON-02) (AMAZON-02)
1	54.76.246.110 54.76.246.110	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
122	43

1 89.106.200.1 (Alphen aan den Rijn, Netherlands) 1 redirects

ASN209626 (ENFLOW, NL)
PTR: edge.redirect.pizza

mwbonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 40.122.75.103 (Des Moines, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

greenstate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.greenstate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.63.252 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.4.175 (None, )

ASN13335 (CLOUDFLARENET, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.1.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-171.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.39.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-39-142.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.17.147.122 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-122.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.204.74.118 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:f600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:f280:da4c:a0a4:5da6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.139.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-139-95.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.113.198 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-113-198.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.113.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-113-5.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.40.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-40-72.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.246.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-246-110.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	greenstate.org 2 redirects greenstate.org — Cisco Umbrella Rank: 229024 www.greenstate.org — Cisco Umbrella Rank: 350832	512 KB
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 4639 i.simpli.fi — Cisco Umbrella Rank: 3809 um.simpli.fi — Cisco Umbrella Rank: 870	11 KB
11	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1866 ka-p.fontawesome.com — Cisco Umbrella Rank: 3346	179 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	91 KB
6	localizecdn.com global.localizecdn.com — Cisco Umbrella Rank: 17304	48 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	549 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	428 B
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5814 api.livechatinc.com — Cisco Umbrella Rank: 5281 secure.livechatinc.com — Cisco Umbrella Rank: 6588	33 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 272	840 B
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	343 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1990	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1679 ups.analytics.yahoo.com — Cisco Umbrella Rank: 435	213 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2568	843 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 546 d.agkn.com — Cisco Umbrella Rank: 758	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 493	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 539	712 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	gstatic.com fonts.gstatic.com	79 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 527	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 404	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	64 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 456	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 891	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 983	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 931	480 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1605	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6505	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 413	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1260	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 653	235 B
1	google.gr www.google.gr — Cisco Umbrella Rank: 25905	408 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10834	408 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 882	393 B
1	t.co t.co — Cisco Umbrella Rank: 717	377 B
1	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 10128	35 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 801	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 16480	167 KB
1	mwbonline.com 1 redirects mwbonline.com	196 B
0	intentiq.com Failed sync.intentiq.com Failed
122	43

	Domain	Requested by
39	www.greenstate.org	1 redirects www.greenstate.org
22	um.simpli.fi	17 redirects
9	ka-p.fontawesome.com	cds-sdkcfg.onlineaccess1.com www.greenstate.org
6	connect.facebook.net	www.greenstate.org connect.facebook.net
6	global.localizecdn.com	www.greenstate.org cds-sdkcfg.onlineaccess1.com
6	www.googletagmanager.com	www.greenstate.org www.googletagmanager.com
5	www.facebook.com	www.greenstate.org
3	api.livechatinc.com	cdn.livechatinc.com
3	bat.bing.com	www.greenstate.org bat.bing.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	www.google.com	1 redirects www.greenstate.org
2	stats.g.doubleclick.net	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com
2	www.google-analytics.com	www.googletagmanager.com cds-sdkcfg.onlineaccess1.com
2	fonts.gstatic.com	fonts.googleapis.com
2	kit.fontawesome.com	www.greenstate.org cds-sdkcfg.onlineaccess1.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	secure.livechatinc.com	cdn.livechatinc.com
1	www.google.gr	www.greenstate.org
1	www.google.nl	www.greenstate.org
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	www.greenstate.org
1	t.co	www.greenstate.org
1	px.adentifi.com	www.greenstate.org
1	static.ads-twitter.com	www.greenstate.org
1	tag.simpli.fi	www.googletagmanager.com
1	cdn.livechatinc.com	www.greenstate.org
1	fonts.googleapis.com	www.greenstate.org
1	cds-sdkcfg.onlineaccess1.com	www.greenstate.org
1	greenstate.org	1 redirects
1	mwbonline.com	1 redirects
0	sync.intentiq.com Failed
122	54

This site contains links to these domains. Also see Links.

Domain
ebanking.greenstatecu.org
www.psfs.com
www.facebook.com
instagram.com
twitter.com
www.linkedin.com
greenstatestorage.azureedge.net
ncua.gov
www.hud.gov
localizejs.com

Subject Issuer	Validity	Valid
www.greenstate.org RapidSSL TLS RSA CA G1	`2024-05-06` - `2025-06-06`	a year	crt.sh
onlineaccess1.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
global.localizecdn.com E1	`2024-05-13` - `2024-08-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.nl WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.gr WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.greenstate.org/midwest.html
Frame ID: 86DB492F11DE0A13CBCA568384DA74E9
Requests: 122 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=5799671&group=8&embedded=1&widget_version=3&unique_groups=1
Frame ID: 9D7542497A6841B1D3DBD33434414C4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Midwest - GreenState Credit Union

Page URL History Show full URLs

http://mwbonline.com/ HTTP 307
https://mwbonline.com/ HTTP 301
https://greenstate.org/midwest HTTP 302
https://www.greenstate.org/midwest HTTP 301
https://www.greenstate.org/midwest.html Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

122
Requests

84 %
HTTPS

29 %
IPv6

43
Domains

54
Subdomains

43
IPs

8
Countries

1722 kB
Transfer

4387 kB
Size

39
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://ebanking.greenstatecu.org/greenstatecuOnline/uux.aspx#/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.psfs.com/greenstate
Title: Credit Card Processing

Search URL Search Domain Scan URL

URL: https://ebanking.greenstatecu.org/greenstatecuonline/sdk/AutoEnrollmentE2E/ForgotLogin
Title: Forgot Login?

Search URL Search Domain Scan URL

URL: https://ebanking.greenstatecu.org/greenstatecuOnline/uux.aspx#/login/resetPasswordUsername
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://ebanking.greenstatecu.org/greenstatecuonline/sdk/AutoEnrollmentE2E
Title: Enroll

Search URL Search Domain Scan URL

URL: https://ebanking.greenstatecu.org/greenstatecuonline/sdk/AutoEnrollmentE2E/AccountRecovery
Title: Unlock Account

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GreenStateCU/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/greenstatecu
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/GreenStateCU
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/greenstatecu/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://greenstatestorage.azureedge.net/media/8x10_WelcomeBooklet_Dec_2023.pdf
Title: New Member Guide

Search URL Search Domain Scan URL

URL: https://twitter.com/greenstatecu
Title: Twitter

Search URL Search Domain Scan URL

URL: http://ncua.gov/

Search URL Search Domain Scan URL

URL: http://www.hud.gov/fairhousing

Search URL Search Domain Scan URL

URL: https://localizejs.com/
Title: Localize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mwbonline.com/ HTTP 307
https://mwbonline.com/ HTTP 301
https://greenstate.org/midwest HTTP 302
https://www.greenstate.org/midwest HTTP 301
https://www.greenstate.org/midwest.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 100

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/BDB22E974BC44FD2B82EC5751C4EFCCD HTTP 302
https://sync.1rx.io/usersync/simplifi/BDB22E974BC44FD2B82EC5751C4EFCCD?zcc=1&cb=1716018825319 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003

Request Chain 101

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=BDB22E974BC44FD2B82EC5751C4EFCCD&dongle=yf3

Request Chain 102

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 103

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 104

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=BDB22E974BC44FD2B82EC5751C4EFCCD HTTP 302
https://d.agkn.com/pixel/10751/?che=1716018825399&ip=37.48.94.3&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219473204886000605719 HTTP 302
https://um.simpli.fi/aa_px?sk=219473204886000605719 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 105

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 108

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BDB22E974BC44FD2B82EC5751C4EFCCD;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BDB22E974BC44FD2B82EC5751C4EFCCD;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 109

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0&xl8blockcheck=1

Request Chain 111

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 112

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 113

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 114

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 115

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=BDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 116

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1716018825174&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIv5uHpNyWhgMVmnWkBB3ZFAuMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LmdyZWVuc3RhdGUub3JnLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIv5uHpNyWhgMVmnWkBB3ZFAuMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LmdyZWVuc3RhdGUub3JnLw&is_vtc=1&cid=CAQSGwB7FLtqfcyMIi9P2ZmC-gLYSG-aGFHicl1sig&random=2171573776 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIv5uHpNyWhgMVmnWkBB3ZFAuMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LmdyZWVuc3RhdGUub3JnLw&is_vtc=1&cid=CAQSGwB7FLtqfcyMIi9P2ZmC-gLYSG-aGFHicl1sig&random=2171573776&ipr=y

Request Chain 118

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=BDB22E974BC44FD2B82EC5751C4EFCCD HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DBDB22E974BC44FD2B82EC5751C4EFCCD

Request Chain 119

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BDB22E974BC44FD2B82EC5751C4EFCCD&expires=365

Request Chain 120

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BDB22E974BC44FD2B82EC5751C4EFCCD

122 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request midwest.html Show response
www.greenstate.org/
Redirect Chain

http://mwbonline.com/
https://mwbonline.com/
https://greenstate.org/midwest
https://www.greenstate.org/midwest
https://www.greenstate.org/midwest.html

96 KB
20 KB

190ms
190ms

Document
text/html

40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 5f44bf5c430e6c8fc6cdf99eb788b35db51f31324f213d739303238b7ffcb766

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20181
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 May 2024 07:53:42 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
X-Robots-Tag: noindex

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 May 2024 07:53:42 GMT
Keep-Alive: timeout=5, max=100
Location: /midwest.html
Server: Apache/2.4.52 (Ubuntu)

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 300 KB
167 KB 222ms
156ms Script
application/javascript 192.0.63.252
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.63.252 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e28c24c6226dc0b48ee63ca114315aacfc503ecc92f5a99244894bc66241695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 885a466a5b619968-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 b8b2430d0a.js Show response
kit.fontawesome.com/ 12 KB
5 KB 219ms
167ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/b8b2430d0a.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e2baafcce6c7dab815a2270af05de22db4b7805c186842c4a644a279d78dda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:42 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 885a466a39a5b8f7-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8mhHC9C_KMBp7sAKgqB

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 99ms
49ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-44353815-38

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fef1ed77ad4f763d825d8e2a3a159b8ff8d58ab817ed666b586593654110334a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74051
x-xss-protection: 0
last-modified: Sat, 18 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H3 200 localize.js Show response
global.localizecdn.com/ 62 KB
23 KB 63ms
26ms Script
application/javascript 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/localize.js

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f563bf268a89718a4ba182f5ab05d5913ccc772b3223083cd52c396c26ea1a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-x-amz-meta-v: 484
date: Sat, 18 May 2024 07:53:42 GMT
via: 1.1 12d69f39c905d1c9441d392eddc25066.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: MXlob10kQe2A6.qTfVxcmCk1QZ9lfkMC
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 121140
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 29 Apr 2024 17:25:41 GMT
server: cloudflare
etag: W/"ba06239578773f2fe5bb64a045ce5500"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 885a466a1cf5b8ca-AMS
x-amz-cf-id: 6nY7mCVgxk7yj4ts-sm76Zo3LGsLvvOwPNhAE2FUVBKZ4J9lpgJ2Vg==

GET
H/1.1 200
OK jquery-ui.css
www.greenstate.org/jquery/jquery_custom/ui-theme/ 35 KB
9 KB 226ms
119ms Stylesheet
text/css 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_custom/ui-theme/jquery-ui.css?ver=202205121100
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fac4a6233933456641d8ffeda6e8fe2501070f741499482cc37d330a85758c7c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2019 14:55:52 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8dae-587e8d4912e00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8510

GET
H/1.1 200
OK jquery.timepicker-addon.css
www.greenstate.org/jquery/jquery_plugins/ 2 KB
854 B 348ms
117ms Stylesheet
text/css 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.timepicker-addon.css
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Mar 2018 13:30:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "798-568004e26af00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 519

GET
H/1.1 200
OK site.css
www.greenstate.org/css/ 129 KB
28 KB 355ms
120ms Stylesheet
text/css 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/css/site.css?ver=202205121100
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e1024afdc5f1ad8d59d154ddb3bce09d5f719fcebd7933e6af06e20bef3c93f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 May 2022 19:12:13 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2033f-5ded555d55d40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 28811

GET
H/1.1 200
OK es.css
www.greenstate.org/media/lang/ 596 B
652 B 351ms
115ms Stylesheet
text/css 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/media/lang/es.css
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 44653a08e25d27fd3c1454178e34ed31c5c9970f5ff738fdb19bd6baf26a84c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 May 2024 18:04:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "254-618aa2f0f4952-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 316

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
www.greenstate.org/jquery/jquery_custom/js/backups/ 94 KB
33 KB 358ms
120ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_custom/js/backups/jquery-1.11.0.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Apr 2014 17:24:50 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1787c-4f68b42e47c80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33367

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.min.js Show response
www.greenstate.org/jquery/jquery_custom/ui-theme/backups/custom-theme-1.10/ 223 KB
60 KB 365ms
126ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_custom/ui-theme/backups/custom-theme-1.10/jquery-ui-1.10.4.custom.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: a8c519fffecf617faef80a44067b1367c774dcad8b04326cee2fd3b37615cfd1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 15:04:07 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "37cbb-56815bc5767c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 60695

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.greenstate.org/jquery/jquery_custom/js/backups/ 7 KB
3 KB 360ms
118ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_custom/js/backups/jquery-migrate-1.2.1.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 17:26:35 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1c1f-56aaf929ae8c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3063

GET
H/1.1 200
OK jquery.json.min.js Show response
www.greenstate.org/jquery/jquery_plugins/ 2 KB
1 KB 460ms
117ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.json.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 12:10:36 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7f0-568134fcc2700-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1033

GET
H/1.1 200
OK jquery.timepicker-addon.l9.js Show response
www.greenstate.org/jquery/jquery_plugins/ 77 KB
19 KB 466ms
118ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.timepicker-addon.l9.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 May 2018 13:39:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13315-56b9dcdb85340-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18987

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.greenstate.org/jquery/jquery_plugins/ 23 KB
8 KB 480ms
121ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.validate.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Mar 2018 16:44:11 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5add-56803045dccc0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7502

GET
H/1.1 200
OK jquery.flexslider.l9.js Show response
www.greenstate.org/jquery/jquery_plugins/ 55 KB
12 KB 585ms
125ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.flexslider.l9.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jun 2018 17:21:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "dde9-56eb173d292c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 12349

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.greenstate.org/jquery/jquery_plugins/ 5 KB
2 KB 578ms
113ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/jquery/jquery_plugins/jquery.placeholder.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 May 2015 19:12:16 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "14e3-51582b0946400-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1748

GET
H/1.1 200
OK main.js Show response
www.greenstate.org/scripts/ 20 KB
6 KB 589ms
116ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/main.js?ver=202205121100
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7dfb2b9687ace8fe84ec05529448f089944c54e479761c2fe702ccbcfaf779a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 20:04:06 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "51b0-5c7a7ac325980-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5712

GET
H/1.1 200
OK menu-mobile.js Show response
www.greenstate.org/scripts/ 2 KB
1 KB 604ms
120ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/menu-mobile.js?ver=202205121100
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7ad2f41b4b1692875b11f9df2ffe687bb823a953479403a91c9c2f83069b3cb5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Jul 2018 15:08:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7aa-57005922b1e40-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 685

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
www.greenstate.org/scripts/ 24 KB
8 KB 712ms
117ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/masonry.pkgd.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Sep 2017 16:00:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5e12-55900240913c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7356

GET
H/1.1 200
OK imagesloaded.pkgd.min.js Show response
www.greenstate.org/scripts/ 7 KB
3 KB 710ms
114ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/imagesloaded.pkgd.min.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Sep 2017 16:00:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1b25-55900240913c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2352

GET
H/1.1 200
OK main_custom.js Show response
www.greenstate.org/scripts/ 16 KB
4 KB 722ms
118ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/main_custom.js?ver=202205121100
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 0008c780eba55626caf0952edc3747676c64a2e85979658cb78657ad512a9f41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 12:20:05 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3f9d-5c9338591e740-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4245

GET
H/1.1 200
OK es.js Show response
www.greenstate.org/media/lang/ 1 KB
870 B 722ms
117ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/media/lang/es.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: adcd9faca8f33a506ce239eba423153c05a2ea71a3e2cd79b712577c73c921cb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 16:38:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5b8-5ee11ce7884f7-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 528

GET
H/1.1 200
OK comments.js Show response
www.greenstate.org/scripts/ 10 KB
2 KB 719ms
115ms Script
text/javascript 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/scripts/comments.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 5ed68fc69d6e632f66ef4b5f855b1add668d7ebf477b889e7ba5b33b18f23f65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 May 2018 19:12:58 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "29d7-56cf87075a280-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1972

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 116ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dbaed0c8b374eacd5c79ca730b4786a05d551d74fa65e7a9d8c3156fc5d2bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 May 2024 07:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 May 2024 07:46:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 May 2024 07:53:42 GMT

GET
H/1.1 200
OK green-state-logo-transparent.png
www.greenstate.org/img/ 16 KB
16 KB 118ms
118ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/img/green-state-logo-transparent.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fd28486197745829125fc7bd6c011d4affc70f5207cc0e85b27d66107853f930

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Wed, 17 Jul 2019 18:39:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "40cd-58de4ce7e5900"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 16589

GET
H/1.1 200
OK rainy-day-hero2.jpg
www.greenstate.org/content/images/230/ 25 KB
25 KB 115ms
114ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/230/rainy-day-hero2.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e028d6727fdb0196780c738f82090ed68204254998b0c31f8137f825f108cd89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Mon, 09 Jan 2023 19:41:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "62d9-5f1d9f5c66cfa"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25305

GET
H/1.1 200
OK greenstate-creditcards-mm.jpg
www.greenstate.org/content/images/230/ 18 KB
18 KB 124ms
123ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/230/greenstate-creditcards-mm.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 4f14843b7f8975a50a78277ff6c90b684bed0e0aef67e9f3a5cafc3b8447cec2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Wed, 03 Jan 2024 21:10:48 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "47d0-60e110c9034c9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 18384

GET
H/1.1 200
OK MeetWealthTeam.jpg
www.greenstate.org/content/images/230/ 29 KB
29 KB 125ms
123ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/230/MeetWealthTeam.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: aa583b608b701edce877c307deaa9cac6cb3fd7ae1ac327e9ebf7994405bdfc0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Thu, 15 Jun 2023 16:23:38 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7245-5fe2d7d9e5aca"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29253

GET
H/1.1 200
OK time-to-grow-logo.jpg
www.greenstate.org/content/images/230/ 28 KB
28 KB 123ms
121ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/230/time-to-grow-logo.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 52625d1f7c4644f17e836740d8bba73442f828e4253b6f27bf0a8865dcc30720

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Wed, 15 Jun 2022 18:32:14 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "6f92-5e180bd7c395f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28562

GET
H/1.1 200
OK GreenStateCU-400-nobg.png
www.greenstate.org/content/images/original/ 51 KB
51 KB 121ms
120ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/GreenStateCU-400-nobg.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 712de9abe56292460a394c80b74c22d44d2f35fe1584d0a999ed6f326ec80ca6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Sun, 21 Jul 2019 17:38:21 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "cc40-58e346cf51d40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 52288

GET
H/1.1 200
OK Midwest-Logo.png
www.greenstate.org/content/images/original/ 15 KB
16 KB 123ms
114ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/Midwest-Logo.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 226affe1e3f5247bab0f0b801e8f9496363252c820fbd02caabb42e5da2a736c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Fri, 01 Jul 2022 22:05:02 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3dcf-5e2c593f444a4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 15823

GET
H/1.1 200
OK schedule.jpg
www.greenstate.org/content/images/original/ 5 KB
5 KB 124ms
120ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/schedule.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 58a43ccaa8621f77f2ae63c229188e7c3fca73603539399e957f559ad3228f57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Fri, 26 Nov 2021 21:58:54 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "13e2-5d1b83279aafd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5090

GET
H/1.1 200
OK resources-checks.jpg
www.greenstate.org/content/images/original/ 10 KB
10 KB 119ms
118ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/resources-checks.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7ad2977c22f0b5b3a4755874102fba4ce8a5df060a8cf3799c6e880398571385

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Tue, 01 Mar 2022 00:24:59 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "28b9-5d91d31fc6f5e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10425

GET
H/1.1 200
OK resources-debit-card.jpg
www.greenstate.org/content/images/original/ 11 KB
11 KB 119ms
118ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/resources-debit-card.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 49edb13e74d2474eead6c0e3b4e63258fdbc692cfdebc9e5724afa49cbd11577

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Tue, 01 Mar 2022 00:24:59 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2a94-5d91d31fc8e9e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 10900

GET
H/1.1 200
OK greenstate-online-banking.jpg
www.greenstate.org/content/images/original/ 7 KB
8 KB 116ms
115ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/greenstate-online-banking.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c5841252ce2e6995955044124d8ff087b8967bb15ad9c7fda57d3a74c60e7559

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Mon, 07 Mar 2022 23:00:59 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1dde-5d9a8d6793b8b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7646

GET
H/1.1 200
OK recent-mail.jpg
www.greenstate.org/content/images/original/ 8 KB
8 KB 114ms
113ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/recent-mail.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 0f51d5527e44480cceef8fedf9d1249fced20b4cdccb67f894466656dfc33085

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Fri, 11 Feb 2022 23:00:05 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1e0d-5d7c60709bcab"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7693

GET
H/1.1 200
OK share-deposit.jpg
www.greenstate.org/content/images/original/ 9 KB
9 KB 114ms
114ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/share-deposit.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 5c8ab9f9709baf7702991e737a42464eab3969885f075e7f14d54fda8a5841d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Fri, 11 Feb 2022 23:00:05 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "24b6-5d7c6070fd72d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 9398

GET
H/1.1 200
OK quickbooks-quicken-mint-conversion.jpg
www.greenstate.org/content/images/original/ 10 KB
10 KB 119ms
118ms Image
image/jpeg 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/quickbooks-quicken-mint-conversion.jpg
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b1d8b1209d901347c8b072737799768698d66ba2791f47f553d6c6020bf7af85

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Wed, 09 Mar 2022 17:14:17 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "265b-5d9cc3a3c566c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9819

GET
H/1.1 200
OK NCUA-Sign.png
www.greenstate.org/img/ 3 KB
3 KB 114ms
114ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/img/NCUA-Sign.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8df50f05bc7c0d89b1d3efe933954aaacdc24dc4b08566cf036aab3ef289746f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Tue, 30 Jun 2020 18:46:28 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "c51-5a95197d02900"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3153

GET
H/1.1 200
OK fheo100.png
www.greenstate.org/img/ 10 KB
11 KB 119ms
119ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/img/fheo100.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b9248715a82fcbea59ffd2d4c58ea9f892e3e99bf26615f94acd759c1868cb03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Tue, 30 Jun 2020 18:46:31 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "29a1-5a95197fdefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 10657

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 70ms
27ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b8b2430d0a
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 5618560
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466cbc7eb8ee-AMS
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 73ms
31ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b8b2430d0a
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 5618560
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466cbc7db8ee-AMS
content-length: 4194

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/b8b2430d0a/44105438/ 0
387 B 59ms
29ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/b8b2430d0a/44105438/kit-upload.css
Requested by: Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
age: 5618560
content-length: 0
x-request-id: F7yP-i5AkZ2gOvAWjbrC
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 885a466caa339fdb-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
104 KB 122ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b62803a2830e0ff5eeb80d4e95d71a5ae29ffa3ca3edcef4ea68a083d49298b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106047
x-xss-protection: 0
last-modified: Sat, 18 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H3 200 tu Show response
global.localizecdn.com/api/lib/8tdl46npPcQ3f/ 447 B
648 B 137ms
118ms XHR
application/json 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/8tdl46npPcQ3f/tu?v=484

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40df158d574aa908a4d5fc1b4d903951c2a3022fbe6223bef67f032d61b6cfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"1bf-EqXsYlD/aRzbyvcqzxflpV2OyK0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 885a466caf8993be-AMS
x-amz-cf-id: Uh631K_B8zXffuywTQeYz23nPu1zIxKu4ll2oYwEc2WVDiDZgUkRBQ==
expires: 0

GET
H3 200 g Show response
global.localizecdn.com/api/lib/8tdl46npPcQ3f/ 33 KB
12 KB 45ms
27ms XHR
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/8tdl46npPcQ3f/g?v=0&l=source

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea84c470fdaf6fc02bcd0fdbb3594c819b6412bca4c9e5a0c5cbafe69aa34c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: AMS58-P4
age: 61629
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 May 2024 14:46:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=259200
cf-ray: 885a466caf8b93be-AMS
x-amz-cf-id: az85DmeDb82NrbpUMTXULYPR_A0AXZ7mE0Cpt_VbJbc5FNHL_q9PSA==
expires: Tue, 21 May 2024 07:53:43 GMT

GET
H3 200 g Show response
global.localizecdn.com/api/lib/8tdl46npPcQ3f/ 32 KB
11 KB 39ms
38ms XHR
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/8tdl46npPcQ3f/g?v=15116&l=en

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fe4c3c371bc1fdfa2f34474bd2e8d8d87d6d10f4ae6d95e7b61ad09bc59b1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: AMS58-P4
age: 15122
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 18 May 2024 03:41:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 885a466d680193be-AMS
x-amz-cf-id: eKy6ALMfpsxOhd9hMkfXuuZBPSot8U3aFbcHiUrQX0KKvDve9CozaQ==
expires: Wed, 17 Jul 2024 07:53:43 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 75ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:02:50 GMT
x-content-type-options: nosniff
age: 345053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:02:50 GMT

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 19 KB
19 KB 29ms
27ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
server: cloudflare
age: 5667225
etag: "610ae35f-4d48"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f1e63b8ee-AMS
content-length: 19784

GET
H2 200 pro-fa-solid-900-5.11.1.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 8 KB
8 KB 33ms
31ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.11.1.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f1a71885bf9077aca3c849b84b51fe92f36154e21a16659ceb1fbba35cae8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:42 GMT
server: cloudflare
age: 3497744
etag: "610ae362-2144"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f1e67b8ee-AMS
content-length: 8516

GET
H2 200 pro-fa-duotone-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 27 KB
28 KB 31ms
30ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-duotone-900-5.0.0.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f931c30f48b2240d4eba1be47c045c70545573713c19833a5573e0dad05a613

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:27 GMT
server: cloudflare
age: 5594968
etag: "610ae353-6dc4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f1e69b8ee-AMS
content-length: 28100

GET
H2 200 pro-fa-duotone-900-5.12.1.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 1 KB
2 KB 33ms
32ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-duotone-900-5.12.1.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ddf4bc016e3ad2d721f2c082e8ddad23612d63d23f71e197422d930ffb8df3b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:29 GMT
server: cloudflare
age: 56600
etag: "610ae355-5cc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f1e6ab8ee-AMS
content-length: 1484

GET
H2 200 o-0ZIpQlx3QUlC5A4PNr4C5OaxRsfNNlKbCePevtuXOm.woff2
fonts.gstatic.com/s/notosans/v36/ 40 KB
40 KB 94ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0ZIpQlx3QUlC5A4PNr4C5OaxRsfNNlKbCePevtuXOm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef8206637f11aae654ba2c5213e1dd7f67ab06f42bfca81dc8dd3e1216eb08c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 04:01:38 GMT
x-content-type-options: nosniff
age: 13925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41256
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:29:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 May 2025 04:01:38 GMT

GET
H2 200 pro-fa-brands-400-5.8.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 2 KB
2 KB 32ms
31ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.8.2.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:27 GMT
server: cloudflare
age: 5594968
etag: "610ae353-96c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f1e6bb8ee-AMS
content-length: 2412

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 90 KB
27 KB 114ms
20ms Script
application/javascript 2.16.1.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b35ad5a609cadcd987f79f6d88a06b5c1f402ebc7586c4d631d51a3e360799ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: meYeiMINArk2M.6faQ098hTtLGhrFgMo
content-encoding: br
date: Sat, 18 May 2024 07:53:43 GMT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 27633
last-modified: Fri, 17 May 2024 12:15:39 GMT
server: AmazonS3
etag: W/"4faae46adefe92177456f1a730dfba29"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: owxXuVOagDNL4O6bBv89A47hSx9sSV2pTMigLFR9XvngeFSphjBDEQ==
expires: Sat, 18 May 2024 15:53:43 GMT

GET
H2 200 pro-fa-duotone-900-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 20 KB
20 KB 25ms
25ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-duotone-900-5.10.2.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b78fbbfd0b841db3ec9038287c62a7314466ee0cb785cff6daa785ee2531342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:28 GMT
server: cloudflare
age: 72726
etag: "610ae354-4f14"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f2e7ab8ee-AMS
content-length: 20244

GET
H2 200 pro-fa-brands-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 37 KB
37 KB 30ms
30ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Origin: https://www.greenstate.org
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:25 GMT
server: cloudflare
age: 5667225
etag: "610ae351-93a4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 885a466f2e7bb8ee-AMS
content-length: 37796

GET
H3 200 tl.gif
global.localizecdn.com/api/lib/8tdl46npPcQ3f/ 43 B
424 B 122ms
121ms Image
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/8tdl46npPcQ3f/tl.gif?l=source&c=9462638

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 19ae37472a5ba1dbeb7e045a5cb1b166.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
last-modified: Sat, 18 May 2024 07:53:43 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 885a466f59e7b8ca-AMS
x-amz-cf-id: Z6HPxtlcDFWdEmhaSjQAEkMnPOKKkLSLi9bKLu2B7lCpobmLB18WhQ==
expires: 0

GET
H3 200 tl.gif
global.localizecdn.com/api/lib/8tdl46npPcQ3f/ 43 B
424 B 124ms
122ms Image
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/8tdl46npPcQ3f/tl.gif?l=en&c=6778837

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
last-modified: Sat, 18 May 2024 07:53:43 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 885a466f59e8b8ca-AMS
x-amz-cf-id: 7yhj6wqDsev2uKRgFh07pAxtHG6UZKqc6z5Q9ofHQLlewx4gqyi4Lw==
expires: 0

GET
H/1.1 200
OK JuntosAvanzamos_logo.png
www.greenstate.org/content/images/original/ 16 KB
16 KB 119ms
118ms Image
image/png 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenstate.org/content/images/original/JuntosAvanzamos_logo.png
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: a40cb1b62e0b58b95a4424e6838559ce6d5798bc7f92e248032ded124f054844

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:43 GMT
Last-Modified: Thu, 23 Sep 2021 19:26:16 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3e28-5ccae9ac5de03"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 15912

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44353815-38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 May 2024 09:41:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
104 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X72W628H37&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9abc003da9f646255b12c3c9ddc7d784a5ca30e6cfada34ee850d131825bb8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-923628744&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5e2cc3573414495c5387f3b7f85af5acefab26533b9ae281263624944787921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91380
x-xss-protection: 0
last-modified: Sat, 18 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-939427700&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0017ddecdd7147fd2a1e4db6219a59ee432f92f32ceac4357a5f29057651edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91363
x-xss-protection: 0
last-modified: Sat, 18 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-882401085&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4d447bd8b7ce95ddeec3bfee658172ce2aabe012dec25179dc7d6ce9ed2e028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91363
x-xss-protection: 0
last-modified: Sat, 18 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 May 2024 07:53:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 62ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1294, tbw=2804, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 7vfdHWgieepxmcZSfu0RGRDZRewESYMpSYAuDKxNTJblAKz4TVAV9vAM0Oc39DvEQdrjGRrAUwUGh+KIFIsvUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 790cb0f0-9c7e-0138-781d-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 67ms
17ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/790cb0f0-9c7e-0138-781d-06b4c2516bae
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWQKDR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7111543bb4820e5ca3bef196fa5f0b4aa34fc1050abf195e10b66e823db1bb93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F9CGB0RWGRBIJMH1E_wB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 88ms
18ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:43 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220158-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 181ms
133ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 18 May 2024 07:53:43 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79A089D75B1C43678B498AE14DC8687D Ref B: BRU30EDGE0911 Ref C: 2024-05-18T07:53:43Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 204 Pixels
px.adentifi.com/ 0
35 B 351ms
97ms Image
text/plain 52.1.39.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=17472;p_url=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html;uq=9844857754839.748
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.39.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-39-142.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:44 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 371 B
561 B 304ms
182ms Script
application/javascript 2.17.147.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=5799671&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&channel_type=code&jsonp=__sdc7awstsnd

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.122 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-122.deploy.static.akamaitechnologies.com

Software

Resource Hash

7cbdaeb4b26a30cd8af8e466497200c049b88aa5f575ded716ff0b3d3efdc619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.greenstate.org/;
X-Frame-Options	allow-from https://www.greenstate.org/

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors https://www.greenstate.org/;
date: Sat, 18 May 2024 07:53:44 GMT
content-length: 371
vary: Accept-Encoding
x-frame-options: allow-from https://www.greenstate.org/
content-type: application/javascript; charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1862193646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&ul=nl-nl&de=UTF-8&dt=Midwest%20-%20GreenState%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=570067210&gjid=732032713&cid=1553062316.1716018824&tid=UA-44353815-38&_gid=1160693682.1716018824&_r=1&gtm=457e45f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=2045874529

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenstate.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 277ms
203ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=dde31662-fd0f-481d-a709-cd01ca2f2476&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bc713c58-ca44-429c-8893-06398ccfc003&tw_document_href=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=obpcd&type=javascript&version=2.3.30

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 180
date: Sat, 18 May 2024 07:53:43 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 85be4736882cd9ee
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 44323ee1307544c6dafda36debc610df0159443c3a5b7637d3fd19ff7f847056
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 206ms
132ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=dde31662-fd0f-481d-a709-cd01ca2f2476&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bc713c58-ca44-429c-8893-06398ccfc003&tw_document_href=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=obpcd&type=javascript&version=2.3.30

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 109
date: Sat, 18 May 2024 07:53:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f2ccc2774ce7136c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 79b40b0d5af5a8061bdd2a0db317896c88d9257098c7300a8eb6a31cdb0e6483
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 53ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-X72W628H37&gtm=45je45f0v877959770z871221667za200&_p=1716018823114&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1553062316.1716018824&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716018824&sct=1&seg=0&dl=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&dt=Midwest%20-%20GreenState%20Credit%20Union&en=page_view&_fv=1&_ss=1&tfd=2558
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X72W628H37&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenstate.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 81ms
23ms Ping
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X72W628H37&cid=1553062316.1716018824&gtm=45je45f0v877959770z871221667za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X72W628H37&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenstate.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 104ms
46ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X72W628H37&cid=1553062316.1716018824&gtm=45je45f0v877959770z871221667za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=113610618

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 195569807998996 Show response
connect.facebook.net/signals/config/ 53 KB
12 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/195569807998996?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc8561b2f2ab43ab77500478d56ec122129155e2e3a419e765b5a7e3540d8d02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12021
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-ua-compatible: IE=edge
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=64, mss=1294, tbw=63402, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: private
x-fb-debug: Xz8F11gX0V622eCalbuYi59HpyfbTmRkFlUX+MLtfE28CNcmKLf9O0YulmhfVApPLj45PJIGvrBVeHmpG1qF4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: private
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44353815-38&cid=1553062316.1716018824&jid=570067210&gjid=732032713&_gid=1160693682.1716018824&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1093414806

Requested by

Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aceb906b19be5a14a045dc9d5c9b04b948ef85f4aff28394e7453bea3c3d9422

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 May 2024 07:53:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenstate.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 259113494.js Show response
bat.bing.com/p/action/ 0
118 B 39ms
38ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/259113494.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 18 May 2024 07:53:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A9ACB5174DC4654A9E640B775F813F9 Ref B: BRU30EDGE0911 Ref C: 2024-05-18T07:53:44Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
289 B 51ms
50ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=259113494&Ver=2&mid=e754a6df-ae67-4807-bf89-19aec279bf22&sid=bff370a014eb11ef9303536d4de1fc13&vid=bff3c0f014eb11efbaa8eb1e9678ce87&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Midwest%20-%20GreenState%20Credit%20Union&p=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&r=&lt=2080&evt=pageLoad&sv=1&rn=916825

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 07:53:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F7CBC611F324380ACCD803C317EDB87 Ref B: BRU30EDGE0911 Ref C: 2024-05-18T07:53:44Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 91ms
42ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44353815-38&cid=1553062316.1716018824&jid=570067210&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1598361451

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.gr/ads/ 42 B
408 B 109ms
42ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.gr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44353815-38&cid=1553062316.1716018824&jid=570067210&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1598361451

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
1 KB 192ms
189ms Script
application/javascript 2.17.147.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=2493ad4e-7557-4274-9a95-7eea4537c226&version=3740.0.13.2266.905.219.158.17.8.11.7.17.4&group_id=8&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.122 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 68bc4bdc7f1ca067ec3e5bbf4cebfe954e2987919cb1a43be579682ceab78688

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1309
expires: Sat, 18 May 2024 08:03:44 GMT

GET
H3 200 2024063471014792 Show response
connect.facebook.net/signals/config/ 28 KB
6 KB 21ms
20ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2024063471014792?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

6790cca0732146e30286e7d16a5455c0adee0672a0a39a3bb12777c67110cbe8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5706
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-ua-compatible: IE=edge
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=0, ullat=-1
pragma: private
x-fb-debug: 5qwozJ85Sr1NKTQcIxQxaN3mGn3+cGPqPHcVDqUayZFGqJyK9J1Q586Rq++0xUeqXfnFzrcfYLOVgSwdWnrUXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: private
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 63ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=195569807998996&ev=PageView&dl=https%3A%2F%2Fwww.greenstate.org&rl=&if=false&ts=1716018824279&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1716018824277.1405897031&pm=1&hrl=879690&ler=empty&cdl=API_unavailable&it=1716018824089&coo=false&cs_cc=1&ccs=676173086420202&cas=3660628587398421&rqm=GET

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK e4535f42-a8ed-4378-a2f0-2070da57f384
https://www.greenstate.org/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.greenstate.org/e4535f42-a8ed-4378-a2f0-2070da57f384
Requested by: Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H3 200 788341388177767 Show response
connect.facebook.net/signals/config/ 22 KB
4 KB 153ms
152ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/788341388177767?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C180%2C117

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

a41961a3f7bc3fe7e2ba3b11f33500a8e89c6abd858650461d6e319d8629c3fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=30, mss=1232, tbw=12664, tp=18, tpl=0, uplat=131, ullat=0
pragma: public
x-fb-debug: rilSy/EJX/D5ULeZhGAzV1HElRJaK5mR1/jXFPSTIumij/lBBbc+jdr0kPXmsATJpsWQZU/FbQNoT69MtjFsDg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 20ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2024063471014792&ev=PageView&dl=https%3A%2F%2Fwww.greenstate.org&rl=&if=false&ts=1716018824440&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1716018824277.1405897031&pm=1&hrl=30db4a&ler=empty&cdl=API_unavailable&cs_est=true&it=1716018824089&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3126, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 9D75 0
0 291ms
178ms Document
text/html 2.17.147.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=5799671&group=8&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.122 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2600
Content-Type: text/html; charset=utf-8
Date: Sat, 18 May 2024 07:53:44 GMT
Vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 188ms
188ms Script
application/javascript 2.17.147.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=2493ad4e-7557-4274-9a95-7eea4537c226&version=384c496c023913b78d3837c106ac447e_177cfea0cd10669525ee03ca2018db08&language=en&group_id=8&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.122 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 244d4f09fb6c7213a1fc72fc6b25430b6f5083a8484ab84d93237b56e61841e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 4013
expires: Sat, 18 May 2024 08:03:44 GMT

GET
H3 200 468749490952966 Show response
connect.facebook.net/signals/config/ 27 KB
4 KB 157ms
156ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/468749490952966?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C180%2C117

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

a710824e1977a9a15ae9181b89ac89189b917d3eb79d9f3d2820c61eebe0c022

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=34, mss=1232, tbw=17832, tp=25, tpl=0, uplat=131, ullat=0
pragma: public
x-fb-debug: uYOBIyKcOFjiknZ3XmnWXcc8LjrDMAP0PL8OudxnamC1HoqgEsMLiRV7LPFhgMUTr1uNxsgG8GG81FE4KmJe7Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 21ms
20ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788341388177767&ev=PageView&dl=https%3A%2F%2Fwww.greenstate.org&rl=&if=false&ts=1716018824698&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1716018824277.1405897031&pm=1&hrl=3623cc&ler=empty&cdl=API_unavailable&cs_est=true&it=1716018824089&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 161647939357613 Show response
connect.facebook.net/signals/config/ 34 KB
6 KB 155ms
154ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/161647939357613?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C180%2C117

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

b7a14dbfc18bea415874f9049b8f0f72c00f8dc908200e9ff81cf325bcf449c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 May 2024 07:53:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=38, mss=1232, tbw=22424, tp=30, tpl=0, uplat=131, ullat=0
pragma: public
x-fb-debug: tve/znWZQygp710rRa5Czb/CGRllm7DuGdgqIPCJgBWBtb4g8cmrC+oQEO+3GHRyaohui16YR9mAHIsJE5jhtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 22ms
21ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468749490952966&ev=PageView&dl=https%3A%2F%2Fwww.greenstate.org&rl=&if=false&ts=1716018824863&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1716018824277.1405897031&pm=1&hrl=6fe0d0&ler=empty&cdl=API_unavailable&cs_est=true&it=1716018824089&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4745, tp=13, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 May 2024 07:53:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
19ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=161647939357613&ev=PageView&dl=https%3A%2F%2Fwww.greenstate.org%2Fmidwest.html&rl=&if=false&ts=1716018825027&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716018824277.1405897031&ler=empty&cdl=API_unavailable&cs_est=true&it=1716018824089&coo=false&rqm=GET

Requested by

Host: www.greenstate.org
URL: https://www.greenstate.org/midwest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=5033, tp=17, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 May 2024 07:53:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 p Show response
i.simpli.fi/ 798 B
762 B 26ms
16ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=274792&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/790cb0f0-9c7e-0138-781d-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e5b2d9d497ae562f73240d50c483dab4b936434b48da859fee14c1b6e9024a48

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK favicon.ico
www.greenstate.org/ 15 KB
15 KB 118ms
118ms Other
image/vnd.microsoft.icon 40.122.75.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenstate.org/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.122.75.103 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: be6f9fa25d0b48af92ff1471214d4cfe047dfeaf0787689ba93d209bbe2418db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/midwest.html
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 18 May 2024 07:53:45 GMT
Last-Modified: Wed, 17 Jul 2019 18:59:15 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3aee-58de516e9c6c0"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 15086

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BDB22E974BC44FD2B82EC5751C4EFCCD

0
235 B

104ms
34ms

Image
text/plain

2600:9000:25e8:f600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 2600:9000:25e8:f600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
cache-control: no-cache, must-revalidate
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: 9t5rPY7eTdvkJCcfAqnm7ac4l2Qnk864cZT5d-Ajru3hbZjQrbqPkg==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

200

RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/BDB22E974BC44FD2B82EC5751C4EFCCD
https://sync.1rx.io/usersync/simplifi/BDB22E974BC44FD2B82EC5751C4EFCCD?zcc=1&cb=1716018825319
https://sync.targeting.unrulymedia.com/csync/RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003

43 B
378 B

50ms
12ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003
pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=BDB22E974BC44FD2B82EC5751C4EFCCD&dongle=yf3

37 B
140 B

64ms
20ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=BDB22E974BC44FD2B82EC5751C4EFCCD&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=BDB22E974BC44FD2B82EC5751C4EFCCD&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=BDB22E974BC44FD2B82EC5751C4EFCCD

43 B
175 B

335ms
96ms

Image
image/gif

2600:1f18:612b:4264:f280:da4c:a0a4:5da6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 2600:1f18:612b:4264:f280:da4c:a0a4:5da6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 18 May 2024 07:53:45 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD

95 B
438 B

22ms
21ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BDB22E974BC44FD2B82EC5751C4EFCCD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=BDB22E974BC44FD2B82EC5751C4EFCCD
https://d.agkn.com/pixel/10751/?che=1716018825399&ip=37.48.94.3&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219473204886000605719
https://um.simpli.fi/aa_px?sk=219473204886000605719
https://um.simpli.fi/empty.gif

43 B
361 B

17ms
16ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BDB22E974BC44FD2B82EC5751C4EFCCD

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
410 B 19ms
15ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
410 B 19ms
16ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=BDB22E974BC44FD2B82EC5751C4EFCCD;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=BDB22E974BC44FD2B82EC5751C4EFCCD;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
87 B

78ms
47ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.112
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
date: Sat, 18 May 2024 07:53:45 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.112
content-length: 344
content-language: en

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0&xl8blockcheck=1

0
775 B

30ms
30ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=BDB22E974BC44FD2B82EC5751C4EFCCD&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
410 B 20ms
17ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=BDB22E974BC44FD2B82EC5751C4EFCCD

0
421 B

431ms
98ms

Image
text/plain

52.6.113.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: HTTP/1.1
Server: 52.6.113.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-113-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 18 May 2024 07:53:45 GMT

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=BDB22E974BC44FD2B82EC5751C4EFCCD

62 B
480 B

281ms
183ms

Image
image/gif

2.19.217.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-66.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 18 May 2024 07:53:45 GMT
content-length: 62
x-request-id: 1708f8968e77d2eda8c1e1b14040f08d
content-type: image/gif

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

404

tpid=BDB22E974BC44FD2B82EC5751C4EFCCD
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BDB22E974BC44FD2B82EC5751C4EFCCD

49 B
266 B

104ms
31ms

Image
image/gif

52.17.40.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 52.17.40.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-40-72.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.126
content-length: 49
expires: 0

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=BDB22E974BC44FD2B82EC5751C4EFCCD

0
223 B

128ms
28ms

Image
text/plain

54.76.246.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 54.76.246.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-110.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=BDB22E974BC44FD2B82EC5751C4EFCCD

0
98 B

55ms
19ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 07:53:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1716018825174&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiw...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...

42 B
64 B

65ms
34ms

Image
image/gif

142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIv5uHpNyWhgMVmnWkBB3ZFAuMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LmdyZWVuc3RhdGUub3JnLw&is_vtc=1&cid=CAQSGwB7FLtqfcyMIi9P2ZmC-gLYSG-aGFHicl1sig&random=2171573776&ipr=y

Protocol

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1356944924&cv=7&fst=1716018825174&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIv5uHpNyWhgMVmnWkBB3ZFAuMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LmdyZWVuc3RhdGUub3JnLw&is_vtc=1&cid=CAQSGwB7FLtqfcyMIi9P2ZmC-gLYSG-aGFHicl1sig&random=2171573776&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 20ms
18ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=BDB22E974BC44FD2B82EC5751C4EFCCD
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DBDB22E974BC44FD2B82EC5751C4EFCCD

43 B
1 KB

21ms
21ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DBDB22E974BC44FD2B82EC5751C4EFCCD

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
an-x-request-uuid: 3f9ff820-9ce9-41b8-882b-22e725cfa82c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.48.94.3; 37.48.94.3; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
an-x-request-uuid: de22d392-32dc-4582-b42d-3bb7540c34b1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DBDB22E974BC44FD2B82EC5751C4EFCCD
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.3; 37.48.94.3; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BDB22E974BC44FD2B82EC5751C4EFCCD&expires=365

0
239 B

98ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BDB22E974BC44FD2B82EC5751C4EFCCD&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 9db1556130a9e92b896eecae836f6a70
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BDB22E974BC44FD2B82EC5751C4EFCCD&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BDB22E974BC44FD2B82EC5751C4EFCCD

43 B
273 B

73ms
22ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=BDB22E974BC44FD2B82EC5751C4EFCCD
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.greenstate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 18 May 2024 07:53:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=BDB22E974BC44FD2B82EC5751C4EFCCD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 May 2024 07:53:45 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 95ms
29ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.greenstate.org/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 07:53:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BDB22E974BC44FD2B82EC5751C4EFCCD

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/2493ad4e-7557-4274-9a95-7eea4537c226/8/token	1970-01-21 06:16:18	Name: __lc_cid Value: 22def6a4-5740-49cf-86e3-2aa2103e5fd8
.accounts.livechatinc.com/v2/customer/2493ad4e-7557-4274-9a95-7eea4537c226/8/token	1970-01-21 06:16:18	Name: __lc_cst Value: d41a559cba5c9713ed7b898778745032d2d53361916e6986aa8300a1d55c72142f4c7970ce573fc45df7912217e14cf2df5aa3b41365d79d518673cdc7e8
.accounts.livechatinc.com/licence/g5799671_8/	1970-01-21 06:16:18	Name: __lc_cid Value: 22def6a4-5740-49cf-86e3-2aa2103e5fd8
.accounts.livechatinc.com/licence/g5799671_8/	1970-01-21 06:16:18	Name: __lc_cst Value: d41a559cba5c9713ed7b898778745032d2d53361916e6986aa8300a1d55c72142f4c7970ce573fc45df7912217e14cf2df5aa3b41365d79d518673cdc7e8
.onlineaccess1.com/	1969-12-31 23:59:59	Name: __cfruid Value: 09b621ef28e4b838b9bc3cd3ee20b27cd8be6a0c-1716018822
.greenstate.org/	1970-01-20 22:49:54	Name: _gcl_au Value: 1.1.1875656092.1716018824
.simpli.fi/	1970-01-21 05:27:21	Name: suid Value: BDB22E974BC44FD2B82EC5751C4EFCCD
.greenstate.org/	1970-01-20 20:41:45	Name: _gid Value: GA1.2.1160693682.1716018824
.greenstate.org/	1970-01-20 20:40:18	Name: _gat_gtag_UA_44353815_38 Value: 1
.greenstate.org/	1970-01-21 06:16:18	Name: _ga_X72W628H37 Value: GS1.1.1716018824.1.0.1716018824.60.0.0
.greenstate.org/	1970-01-21 06:16:18	Name: _ga Value: GA1.1.1553062316.1716018824
.twitter.com/	1970-01-21 06:16:18	Name: personalization_id Value: "v1_4YYFcAwjA7hhDeV1uOztwA=="
.greenstate.org/	1970-01-20 20:41:45	Name: _uetsid Value: bff370a014eb11ef9303536d4de1fc13
.greenstate.org/	1970-01-21 06:01:54	Name: _uetvid Value: bff3c0f014eb11efbaa8eb1e9678ce87
.t.co/	1970-01-21 06:16:18	Name: muc_ads Value: 4fb0ae17-a882-41fb-bda6-1f3cb4acab51
.bing.com/	1970-01-21 06:01:54	Name: MUID Value: 3BFFF39CE2F06E921FD5E71FE3B86F58
.greenstate.org/	1970-01-20 22:49:54	Name: _fbp Value: fb.1.1716018824277.1405897031
.simpli.fi/	1970-01-20 20:50:23	Name: uid_syncd_secure Value: true
.1rx.io/	1970-01-21 05:25:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003%22%7D
.tapad.com/	1970-01-20 22:06:42	Name: TapAd_TS Value: 1716018825330
.tapad.com/	1970-01-20 22:06:42	Name: TapAd_DID Value: d03d1d91-7a70-4f9f-8aab-b40076af60f9
.doubleclick.net/	1970-01-20 20:40:19	Name: test_cookie Value: CheckForPermission
.tapad.com/	1970-01-20 22:06:42	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 22:49:54	Name: XANDR_PANID Value: qulkZkfz16DLz0WALw8yQK3gpGRI-6o4pu4X6FPxmt9gZim-1_IB7r_DeX7D5vRxe8-bZbJoqjM3bw8oLfODIWaRkof7wW51-CfY-YB_B4k.
.adnxs.com/	1970-01-21 06:16:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 22:49:54	Name: uuid2 Value: 3082927233633841731
.targeting.unrulymedia.com/	1970-01-21 05:25:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-73f0fbb6-7d9b-4dcb-acf4-f5abdf3d2a2d-003%22%7D
.pro-market.net/	1970-01-21 00:59:30	Name: anProfile Value: "186g2edupe4fu+1+1f=1+1g=1+1j=l+rs=s+rt=20011AF84700A0690035000000000011+s2=(sdo8ll)+vm=24-BDB22E974BC44FD2B82EC5751C4EFCCD"
.pro-market.net/	1970-01-20 21:23:30	Name: anHistory Value: "186g2edupe4fu+2+!#7')#U#=B_"
.adnxs.com/	1970-01-20 22:49:54	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C'!k>fUW!]tbPl1N!7OnM$=BWemfnQUVigQidkz4mVeU93@fSWyslxoce:@/hklZUXs'vj<(j#iP(Md+>)fy*a8W^.=
.agkn.com/	1970-01-21 05:25:54	Name: ab Value: 0001%3AobFpJO4rGn5QCthGuOKAnT38HaVID82A
.exelator.com/	1970-01-20 23:33:06	Name: EE Value: "6cf8635e93ced437d022ebd9f216d29c"
.exelator.com/	1970-01-20 23:33:06	Name: ud Value: "eJxrXxzq6XKLQcEsOc3CzNg01dI4OTXFxNg8xcDIKDUpxTLNyNAsxcgyeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIZEl%252BUWb6Ij%252BfxUUpaQyLSopPBR8%252FGgkAt9wqxw%253D%253D"
accounts.livechatinc.com/	1970-01-20 20:40:18	Name: __oauth_redirect_detector Value: counter=1&t=1716018855&tag=a94d7110dcc15b5a1aaa0bdd97fa46ec7361d138
.agkn.com/	1970-01-21 05:25:54	Name: u Value: C\|0AAAAAAAALdsbCQAAAAAA
.bluekai.com/	1970-01-21 01:05:16	Name: bku Value: blx99/kKusRohOGr
.bluekai.com/	1970-01-21 01:05:16	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDJWxM/0HEAlBWJeBeHsHeJYmeJaxpDlBEaeBWPsx6BW9y9LlxFN
.bfmio.com/	1970-01-21 05:25:54	Name: __141_cid Value: BDB22E974BC44FD2B82EC5751C4EFCCD
.bfmio.com/	1970-01-21 05:25:54	Name: __io_cid Value: e903dc3c2bbe85ff9f044afce310ea4543f03c91

94 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/195569807998996?v=2.9.156&r=stable&domain=www.greenstate.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 82) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=BDB22E974BC44FD2B82EC5751C4EFCCD Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BDB22E974BC44FD2B82EC5751C4EFCCD Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.greenstate.org/midwest.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.twitter.com
api.livechatinc.com
bat.bing.com
bcp.crwdcntrl.net
cdn.livechatinc.com
cds-sdkcfg.onlineaccess1.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
googleads.g.doubleclick.net
greenstate.org
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
ka-p.fontawesome.com
kit.fontawesome.com
loadm.exelator.com
mwbonline.com
pixel.rubiconproject.com
pixel.tapad.com
px.adentifi.com
region1.analytics.google.com
s.ad.smaato.net
secure.livechatinc.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
t.co
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.gr
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.greenstate.org
sync.intentiq.com
104.18.4.175
104.244.42.133
104.244.42.67
142.250.185.67
142.250.186.130
146.75.120.157
157.240.0.35
157.240.252.13
172.217.18.2
192.0.63.252
2.16.1.171
2.17.147.122
2.19.217.66
2001:4860:4802:32::36
216.58.206.66
216.58.206.68
2600:1901:0:8eee::
2600:1f18:612b:4264:f280:da4c:a0a4:5da6
2600:9000:25e8:f600:1b:5138:8a40:93a1
2606:4700:4400::ac40:93bc
2620:1ec:c11::237
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.127.113.198
3.75.62.37
34.111.113.62
34.98.64.218
35.204.74.118
35.234.162.151
35.244.174.68
37.252.171.53
40.122.75.103
46.228.174.117
52.1.39.142
52.17.40.72
52.6.113.5
54.171.139.95
54.76.246.110
54.78.254.47
69.173.144.139
76.223.111.18
89.106.200.1
0008c780eba55626caf0952edc3747676c64a2e85979658cb78657ad512a9f41
01cea9335f653faf74a88d3b9de3ceff263a52dddceca33d02035d9dce4bb6b2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f51d5527e44480cceef8fedf9d1249fced20b4cdccb67f894466656dfc33085
12f1a71885bf9077aca3c849b84b51fe92f36154e21a16659ceb1fbba35cae8b
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
1b78fbbfd0b841db3ec9038287c62a7314466ee0cb785cff6daa785ee2531342
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1ea84c470fdaf6fc02bcd0fdbb3594c819b6412bca4c9e5a0c5cbafe69aa34c9
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1fe4c3c371bc1fdfa2f34474bd2e8d8d87d6d10f4ae6d95e7b61ad09bc59b1d0
226affe1e3f5247bab0f0b801e8f9496363252c820fbd02caabb42e5da2a736c
244d4f09fb6c7213a1fc72fc6b25430b6f5083a8484ab84d93237b56e61841e1
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f931c30f48b2240d4eba1be47c045c70545573713c19833a5573e0dad05a613
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
3dbaed0c8b374eacd5c79ca730b4786a05d551d74fa65e7a9d8c3156fc5d2bef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40df158d574aa908a4d5fc1b4d903951c2a3022fbe6223bef67f032d61b6cfbb
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
44653a08e25d27fd3c1454178e34ed31c5c9970f5ff738fdb19bd6baf26a84c9
49edb13e74d2474eead6c0e3b4e63258fdbc692cfdebc9e5724afa49cbd11577
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f14843b7f8975a50a78277ff6c90b684bed0e0aef67e9f3a5cafc3b8447cec2
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52625d1f7c4644f17e836740d8bba73442f828e4253b6f27bf0a8865dcc30720
58a43ccaa8621f77f2ae63c229188e7c3fca73603539399e957f559ad3228f57
5c8ab9f9709baf7702991e737a42464eab3969885f075e7f14d54fda8a5841d4
5ed68fc69d6e632f66ef4b5f855b1add668d7ebf477b889e7ba5b33b18f23f65
5f44bf5c430e6c8fc6cdf99eb788b35db51f31324f213d739303238b7ffcb766
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
6790cca0732146e30286e7d16a5455c0adee0672a0a39a3bb12777c67110cbe8
68bc4bdc7f1ca067ec3e5bbf4cebfe954e2987919cb1a43be579682ceab78688
6ddf4bc016e3ad2d721f2c082e8ddad23612d63d23f71e197422d930ffb8df3b
6e28c24c6226dc0b48ee63ca114315aacfc503ecc92f5a99244894bc66241695
7111543bb4820e5ca3bef196fa5f0b4aa34fc1050abf195e10b66e823db1bb93
712de9abe56292460a394c80b74c22d44d2f35fe1584d0a999ed6f326ec80ca6
78623bcab5f2c49d1b44ac501d7146864d818ab26158851ce0bd9ec2650f53bd
7ad2977c22f0b5b3a4755874102fba4ce8a5df060a8cf3799c6e880398571385
7ad2f41b4b1692875b11f9df2ffe687bb823a953479403a91c9c2f83069b3cb5
7cbdaeb4b26a30cd8af8e466497200c049b88aa5f575ded716ff0b3d3efdc619
7dfb2b9687ace8fe84ec05529448f089944c54e479761c2fe702ccbcfaf779a3
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8df50f05bc7c0d89b1d3efe933954aaacdc24dc4b08566cf036aab3ef289746f
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9abc003da9f646255b12c3c9ddc7d784a5ca30e6cfada34ee850d131825bb8ca
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a40cb1b62e0b58b95a4424e6838559ce6d5798bc7f92e248032ded124f054844
a41961a3f7bc3fe7e2ba3b11f33500a8e89c6abd858650461d6e319d8629c3fc
a710824e1977a9a15ae9181b89ac89189b917d3eb79d9f3d2820c61eebe0c022
a8c519fffecf617faef80a44067b1367c774dcad8b04326cee2fd3b37615cfd1
aa583b608b701edce877c307deaa9cac6cb3fd7ae1ac327e9ebf7994405bdfc0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aceb906b19be5a14a045dc9d5c9b04b948ef85f4aff28394e7453bea3c3d9422
adcd9faca8f33a506ce239eba423153c05a2ea71a3e2cd79b712577c73c921cb
b1d8b1209d901347c8b072737799768698d66ba2791f47f553d6c6020bf7af85
b35ad5a609cadcd987f79f6d88a06b5c1f402ebc7586c4d631d51a3e360799ec
b50adb99bc554816a8335a09ba0633e90808fe17c82e7643f9de05e28e744a5d
b62803a2830e0ff5eeb80d4e95d71a5ae29ffa3ca3edcef4ea68a083d49298b8
b7a14dbfc18bea415874f9049b8f0f72c00f8dc908200e9ff81cf325bcf449c1
b9248715a82fcbea59ffd2d4c58ea9f892e3e99bf26615f94acd759c1868cb03
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8561b2f2ab43ab77500478d56ec122129155e2e3a419e765b5a7e3540d8d02
bd45e67d1e4c688190a63fad2c280b978f3d8b311803f8ddbac36b5de021c942
be6f9fa25d0b48af92ff1471214d4cfe047dfeaf0787689ba93d209bbe2418db
c5841252ce2e6995955044124d8ff087b8967bb15ad9c7fda57d3a74c60e7559
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5e2cc3573414495c5387f3b7f85af5acefab26533b9ae281263624944787921
d809b15cc6ed0c338813655858c28ed49e71bbdd61e9f24be1a1cc0f20dad549
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e028d6727fdb0196780c738f82090ed68204254998b0c31f8137f825f108cd89
e1024afdc5f1ad8d59d154ddb3bce09d5f719fcebd7933e6af06e20bef3c93f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d447bd8b7ce95ddeec3bfee658172ce2aabe012dec25179dc7d6ce9ed2e028
e5b2d9d497ae562f73240d50c483dab4b936434b48da859fee14c1b6e9024a48
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8206637f11aae654ba2c5213e1dd7f67ab06f42bfca81dc8dd3e1216eb08c4
f0017ddecdd7147fd2a1e4db6219a59ee432f92f32ceac4357a5f29057651edb
f563bf268a89718a4ba182f5ab05d5913ccc772b3223083cd52c396c26ea1a4c
f6e2baafcce6c7dab815a2270af05de22db4b7805c186842c4a644a279d78dda
fac4a6233933456641d8ffeda6e8fe2501070f741499482cc37d330a85758c7c
fd28486197745829125fc7bd6c011d4affc70f5207cc0e85b27d66107853f930
fef1ed77ad4f763d825d8e2a3a159b8ff8d58ab817ed666b586593654110334a

www.greenstate.org Open in urlscan Pro 40.122.75.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

84 %HTTPS

29 %IPv6

43 Domains

54 Subdomains

43 IPs

8 Countries

1722 kBTransfer

4387 kBSize

39 Cookies

15 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.greenstate.org Open in urlscan Pro
40.122.75.103 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

84 %
HTTPS

29 %
IPv6

43
Domains

54
Subdomains

43
IPs

8
Countries

1722 kB
Transfer

4387 kB
Size

39
Cookies

122 HTTP transactions
1 data transactions