urlscan.io logo urlscan.io
SecurityTrails logo

auth-staging.paystubs.com Open in urlscan Pro
2606:4700::6813:a718  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Effective URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVP...
Submission: On November 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 5 countries across 57 domains to perform 207 HTTP transactions. The main IP is 2606:4700::6813:a718, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth-staging.paystubs.com.
TLS certificate: Issued by E1 on September 28th 2023. Valid for: 3 months.
This is the only time auth-staging.paystubs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 35.192.42.214 396982 (GOOGLE-CL...)
1 11 18.238.4.103 16509 (AMAZON-02)
6 2a02:6ea0:c45... 60068 (CDN77 ^_^)
5 35.201.112.186 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
6 2607:f8b0:402... 15169 (GOOGLE)
10 151.101.192.176 54113 (FASTLY)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:141b:800... 20940 (AKAMAI-ASN1)
1 9 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2607:f8b0:402... 15169 (GOOGLE)
2 172.65.208.22 13335 (CLOUDFLAR...)
9 184.51.148.208 20940 (AKAMAI-ASN1)
2 54.152.199.76 14618 (AMAZON-AES)
2 151.101.129.91 54113 (FASTLY)
2 76.76.21.241 16509 (AMAZON-02)
19 54.186.23.98 16509 (AMAZON-02)
3 35.186.194.58 15169 (GOOGLE)
1 3.90.98.12 14618 (AMAZON-AES)
1 34.202.153.183 14618 (AMAZON-AES)
50 52 13.224.214.59 16509 (AMAZON-02)
1 3 68.67.179.87 29990 (ASN-APPNEX)
2 6 35.211.178.172 15169 (GOOGLE)
2 64.202.112.159 23352 (SERVERCEN...)
2 2 142.251.40.162 15169 (GOOGLE)
4 74.119.119.150 19750 (AS-CRITEO)
3 3 68.67.160.76 29990 (ASN-APPNEX)
2 18.204.84.59 14618 (AMAZON-AES)
2 141.226.224.48 200478 (TABOOLA-AS)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 23.47.168.66 16625 (AKAMAI-AS)
2 52.201.115.137 14618 (AMAZON-AES)
2 216.22.16.41 30633 (LEASEWEB-...)
2 23.56.163.154 16625 (AKAMAI-AS)
1 3 35.71.139.29 16509 (AMAZON-02)
1 3 3.225.218.10 14618 (AMAZON-AES)
2 3.138.212.158 16509 (AMAZON-02)
1 3 104.18.36.155 13335 (CLOUDFLAR...)
1 3 184.73.254.83 14618 (AMAZON-AES)
1 3 44.197.77.254 14618 (AMAZON-AES)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 3.211.29.151 14618 (AMAZON-AES)
3 2607:f8b0:402... 15169 (GOOGLE)
4 2620:1ec:46::40 8075 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 52.89.37.98 16509 (AMAZON-02)
1 2 20.110.205.119 8075 (MICROSOFT...)
7 13.225.63.120 16509 (AMAZON-02)
2 2600:9000:251... 16509 (AMAZON-02)
2 34.160.124.226 396982 (GOOGLE-CL...)
1 162.55.95.220 24940 (HETZNER-AS)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 34.102.166.132 396982 (GOOGLE-CL...)
1 69.173.151.100 26667 (RUBICONPR...)
1 124.146.153.170 2514 (INFOSPHER...)
3 3 34.192.26.169 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 15.197.193.217 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 3.232.219.155 14618 (AMAZON-AES)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.219.229 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
2 20.114.189.135 8075 (MICROSOFT...)
1 2a06:98c1:320... 13335 (CLOUDFLAR...)
1 76.223.64.65 16509 (AMAZON-02)
1 172.65.240.166 13335 (CLOUDFLAR...)
1 172.65.232.43 13335 (CLOUDFLAR...)
1 35.193.123.107 396982 (GOOGLE-CL...)
207 67
3    35.192.42.214 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.42.192.35.bc.googleusercontent.com
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
11    18.238.4.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-103.phl51.r.cloudfront.net
widget.freshworks.com
6    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cl.qualaroo.com
dntcl.qualaroo.com
5    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4505159641530368.ingest.sentry.io
6    2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
3    2606:4700::6813:a718 (United States)

ASN13335 (CLOUDFLARENET, US)
auth-staging.paystubs.com
4    2600:141b:800::1726:a84a (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
9    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
4    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
9    184.51.148.208 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-208.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    54.152.199.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-199-76.compute-1.amazonaws.com
wchat.freshchat.com
2    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
static.woopra.com
2    76.76.21.241 (Walnut, United States)

ASN16509 (AMAZON-02, US)
www.nivaai.com
19    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    3.90.98.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-98-12.compute-1.amazonaws.com
merchant-ui-api.stripe.com
1    34.202.153.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: api-34-202-153-183.stripe.com
api.stripe.com
52    13.224.214.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-59.phl50.r.cloudfront.net
api.nivaai.com
3    68.67.179.87 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
6    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    68.67.160.76 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    18.204.84.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-84-59.compute-1.amazonaws.com
sync-criteo.ads.yieldmo.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
2    2600:1f18:612b:4280:16a1:69e3:4d3c:d7f4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    23.47.168.66 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-168-66.deploy.static.akamaitechnologies.com
contextual.media.net
2    52.201.115.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-115-137.compute-1.amazonaws.com
match.sharethrough.com
2    216.22.16.41 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
2    23.56.163.154 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-154.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    3.138.212.158 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-212-158.us-east-2.compute.amazonaws.com
visitor.omnitagjs.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
3    184.73.254.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-254-83.compute-1.amazonaws.com
partner.mediawallahscript.com
3    44.197.77.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-77-254.compute-1.amazonaws.com
ad.360yield.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    3.211.29.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-29-151.compute-1.amazonaws.com
exchange.mediavine.com
3    2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
4    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.89.37.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-37-98.us-west-2.compute.amazonaws.com
m.stripe.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
7    13.225.63.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-120.ewr53.r.cloudfront.net
uploads-ssl.webflow.com
2    2600:9000:2511:7a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
2    34.160.124.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.124.160.34.bc.googleusercontent.com
cdn-static.paystubs.com
1    162.55.95.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.220.95.55.162.clients.your-server.de
www.woopra.com
1    2600:141b:1c00:1d::172c:cb04 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
ade.clmbtech.com
1    34.102.166.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    34.192.26.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-26-169.compute-1.amazonaws.com
i.liadm.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2600:1f18:ed:550a:f0c6:ec14:4b0d:2411 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    3.232.219.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-219-155.compute-1.amazonaws.com
jadserve.postrelease.com
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
1    172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsadspixel.net
2    172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hscollectedforms.net
forms-eu1.hscollectedforms.net
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
2    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
1    2a06:98c1:3200::90:0 (United States)

ASN13335 (CLOUDFLARENET, US)
api-eu1.hubapi.com
1    76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com
paystubs-help.freshchat.com
1    172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)
track-eu1.hubspot.com
1    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-eu1.hsforms.com
1    35.193.123.107 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.123.193.35.bc.googleusercontent.com
gtm.paystubs.com
Apex Domain
Subdomains		 Transfer
54 nivaai.com
www.nivaai.com — Cisco Umbrella Rank: 514666
api.nivaai.com — Cisco Umbrella Rank: 504672
27 KB
30 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203
api.stripe.com — Cisco Umbrella Rank: 13282
r.stripe.com — Cisco Umbrella Rank: 3546
m.stripe.com — Cisco Umbrella Rank: 1249
478 KB
11 freshworks.com
widget.freshworks.com — Cisco Umbrella Rank: 15837
142 KB
9 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 742
296 KB
9 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
c.bing.com — Cisco Umbrella Rank: 236
31 KB
9 paystubs.com
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
auth-staging.paystubs.com
gtm.paystubs.com Failed
cdn-static.paystubs.com
5 MB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
c.clarity.ms — Cisco Umbrella Rank: 1405
v.clarity.ms — Cisco Umbrella Rank: 7292 Failed
53 KB
8 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2176
rs.fullstory.com — Cisco Umbrella Rank: 2183
209 KB
7 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 12350
332 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
5 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
513 KB
6 qualaroo.com
cl.qualaroo.com — Cisco Umbrella Rank: 8469
dntcl.qualaroo.com — Cisco Umbrella Rank: 10469
167 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
6 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
2 KB
4 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
177 KB
4 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
15 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
627 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
1 KB
3 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2780
1 KB
3 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1699
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
519 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
3 woopra.com
static.woopra.com — Cisco Umbrella Rank: 50332
www.woopra.com — Cisco Umbrella Rank: 38365 Failed
26 KB
3 freshchat.com
wchat.freshchat.com — Cisco Umbrella Rank: 11232
paystubs-help.freshchat.com
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
697 B
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7121
50 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 24918 Failed
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 25587
26 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
239 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10529
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
767 B
2 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2580
441 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
559 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 691
1 KB
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3030
678 B
2 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
743 B
2 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2884
1 KB
2 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
290 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14886
2 KB
1 hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 30105
1016 B
1 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 16534
1 KB
1 hubapi.com
api-eu1.hubapi.com — Cisco Umbrella Rank: 26984
1 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1384
416 B
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 16016 Failed
21 KB
1 hsadspixel.net
js-eu1.hsadspixel.net — Cisco Umbrella Rank: 24955 Failed
4 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 15860 Failed
20 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122 Failed
535 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208 Failed
796 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376 Failed
786 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 3662 Failed
334 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 3306 Failed
259 B
1 sentry.io
o4505159641530368.ingest.sentry.io
333 B
0 rezync.com Failed
live.rezync.com Failed
207 57
Domain Requested by
52 api.nivaai.com 50 redirects pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
15 r.stripe.com js.stripe.com
11 widget.freshworks.com 1 redirects pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
widget.freshworks.com
9 analytics.tiktok.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
analytics.tiktok.com
8 js.stripe.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
js.stripe.com
7 uploads-ssl.webflow.com auth-staging.paystubs.com
6 x.bidswitch.net 2 redirects auth-staging.paystubs.com
6 bat.bing.com www.googletagmanager.com
bat.bing.com
auth-staging.paystubs.com
6 www.googletagmanager.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
www.googletagmanager.com
auth-staging.paystubs.com
js-eu1.hsadspixel.net
5 edge.fullstory.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
edge.fullstory.com
4 www.clarity.ms bat.bing.com
www.clarity.ms
4 dis.criteo.com auth-staging.paystubs.com
4 q.stripe.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
4 connect.facebook.net www.googletagmanager.com
connect.facebook.net
4 snap.licdn.com www.googletagmanager.com
snap.licdn.com
3 i.liadm.com 3 redirects
3 www.google.com auth-staging.paystubs.com
3 c.bing.com 1 redirects auth-staging.paystubs.com
3 ad.360yield.com 1 redirects auth-staging.paystubs.com
3 partner.mediawallahscript.com 1 redirects auth-staging.paystubs.com
3 r.casalemedia.com 1 redirects auth-staging.paystubs.com
3 ups.analytics.yahoo.com 1 redirects auth-staging.paystubs.com
3 eb2.3lift.com 1 redirects auth-staging.paystubs.com
3 ib.adnxs.com 3 redirects
3 secure.adnxs.com 1 redirects auth-staging.paystubs.com
3 rs.fullstory.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
edge.fullstory.com
3 googleads.g.doubleclick.net www.googletagmanager.com
3 auth-staging.paystubs.com 1 redirects pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
edge.fullstory.com
3 dntcl.qualaroo.com cl.qualaroo.com
3 cl.qualaroo.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
www.googletagmanager.com
3 pcom-react-pavlo-jira-fixes.react-dev.paystubs.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
2 match.adsrvr.org 2 redirects
2 cdn-static.paystubs.com auth-staging.paystubs.com
2 cdn.auth0.com auth-staging.paystubs.com
2 v.clarity.ms pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
www.clarity.ms
edge.fullstory.com
2 c.clarity.ms 1 redirects
2 www.facebook.com auth-staging.paystubs.com
2 exchange.mediavine.com auth-staging.paystubs.com
2 matching.ivitrack.com auth-staging.paystubs.com
2 visitor.omnitagjs.com auth-staging.paystubs.com
2 criteo-sync.teads.tv auth-staging.paystubs.com
2 rtb-csync.smartadserver.com auth-staging.paystubs.com
2 match.sharethrough.com auth-staging.paystubs.com
2 contextual.media.net auth-staging.paystubs.com
2 criteo-partners.tremorhub.com auth-staging.paystubs.com
2 sync-t1.taboola.com auth-staging.paystubs.com
2 sync-criteo.ads.yieldmo.com auth-staging.paystubs.com
2 cm.g.doubleclick.net 2 redirects
2 sync.outbrain.com auth-staging.paystubs.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.nivaai.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
2 static.woopra.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
2 wchat.freshchat.com www.googletagmanager.com
2 js-eu1.hs-scripts.com www.googletagmanager.com
1 forms-eu1.hsforms.com
1 track-eu1.hubspot.com
1 paystubs-help.freshchat.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
1 forms-eu1.hscollectedforms.net edge.fullstory.com
1 api-eu1.hubapi.com edge.fullstory.com
1 i6.liadm.com auth-staging.paystubs.com
1 d.turn.com 1 redirects
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hsadspixel.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 m.stripe.com m.stripe.network
1 jadserve.postrelease.com auth-staging.paystubs.com
1 tg.socdm.com auth-staging.paystubs.com
1 pixel.rubiconproject.com auth-staging.paystubs.com
1 ad.tpmn.co.kr auth-staging.paystubs.com
1 ade.clmbtech.com auth-staging.paystubs.com
1 api.stripe.com js.stripe.com
1 merchant-ui-api.stripe.com js.stripe.com
1 www.woopra.com static.woopra.com
1 gtm.paystubs.com pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
edge.fullstory.com
1 o4505159641530368.ingest.sentry.io pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
0 live.rezync.com Failed
207 77

This site contains no links.

Subject Issuer Validity Valid
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
cl.qualaroo.com
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.freshworks.com
Amazon RSA 2048 M01		 2023-07-11 -
2024-08-08		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
dntcl.qualaroo.com
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
auth-staging.paystubs.com
E1		 2023-09-28 -
2023-12-27		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.freshchat.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
static.woopra.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
www.nivaai.com
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2023-11-10 -
2024-02-08		 3 months crt.sh
api.stripe.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
api.nivaai.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-03-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2023-07-29 -
2024-08-26		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
cdn-static.paystubs.com
GTS CA 1D4		 2023-09-23 -
2023-12-22		 3 months crt.sh
woopra.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
gtm.paystubs.com
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Frame ID: 2A600EC28F03A71F02CFFE0A130D06C2
Requests: 166 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: C62B3830DDFC139E98350DECF334D67C
Requests: 7 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 14B671203586DBE40D95C2267F318638
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 8D010D0163F8498B02B14A45528D3A9F
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
Frame ID: 6734E1D0F112E5E6605B606D6E053B80
Requests: 23 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A68BDFC3E5F8F92FEC8F846D44048878
Requests: 4 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: A4C008141BEE6D6DD5070D612589B9E3
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 08AC6FB024D3050365A1EEAD59929B93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In with Auth0

Page URL History Show full URLs

  1. https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Page URL
  2. https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+em... HTTP 302
    https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • wchat\.freshchat\.com/js/widget\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • static\.woopra\.com

Page Statistics

207
Requests

66 %
HTTPS

23 %
IPv6

57
Domains

77
Subdomains

67
IPs

5
Countries

7308 kB
Transfer

12698 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Page URL
  2. https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&state=eEpCYXp1TU1QTTdJRU5wNW8yQ3dBbEplam1ybThtUmVkVjhjZmhkcXZycQ%3D%3D&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D HTTP 302
    https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://widget.freshworks.com/widgets/150000003233.js HTTP 301
  • https://widget.freshworks.com/widgetBase/bootstrap.js
Request Chain 58
  • https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://secure.adnxs.com/setuid?entity=52&code=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 59
  • https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Request Chain 60
  • https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&initiator=partner
Request Chain 61
  • https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 62
  • https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 63
  • https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Request Chain 64
  • https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
Request Chain 65
  • https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6105788880556502446
Request Chain 66
  • https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://sync-criteo.ads.yieldmo.com/sync?id=0763cc37-537a-49dd-812f-59ca3bb254e5&pn_id=criteo&ext=1
Request Chain 67
  • https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 68
  • https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://criteo-partners.tremorhub.com/sync?UICR=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 69
  • https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 70
  • https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Request Chain 71
  • https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 72
  • https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 73
  • https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://criteo-sync.teads.tv/um?eid=80&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 74
  • https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 75
  • https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&verify=true
Request Chain 76
  • https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 77
  • https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 78
  • https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&C=1
Request Chain 79
  • https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb=&final=true&reqid=4bb7f7e0-8536-11ee-96a9-6595e636bad7&timestamp=2023-11-17T10%3A44%3A34.014Z
Request Chain 80
  • https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 81
  • https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://matching.ivitrack.com/sync?realm=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 82
  • https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=0763cc37-537a-49dd-812f-59ca3bb254e5&_li_chk=true&previous_uuid=f77e269f04f24079b9ab5d3768580996 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f77e269f-04f2-4079-b9ab-5d3768580996
Request Chain 83
  • https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 84
  • https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 85
  • https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=0763cc37-537a-49dd-812f-59ca3bb254e5 HTTP 302
  • https://jadserve.postrelease.com/suid/1017?vk=0763cc37-537a-49dd-812f-59ca3bb254e5
Request Chain 108
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&RedC=c.clarity.ms&MXFR=0F41BD99B9216B7D03C3AE55BD21659A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&MUID=209278712A966AF637626BBD2B3E6BBD
Request Chain 148
  • https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://secure.adnxs.com/setuid?entity=52&code=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 149
  • https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Request Chain 150
  • https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&initiator=partner
Request Chain 151
  • https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 152
  • https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 153
  • https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Request Chain 154
  • https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
Request Chain 155
  • https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3715516230670867889
Request Chain 156
  • https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://sync-criteo.ads.yieldmo.com/sync?id=4d069421-8294-40fc-9f9b-fa1b4b78762e&pn_id=criteo&ext=1
Request Chain 157
  • https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 158
  • https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://criteo-partners.tremorhub.com/sync?UICR=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 159
  • https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 160
  • https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Request Chain 161
  • https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 162
  • https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 163
  • https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://criteo-sync.teads.tv/um?eid=80&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 164
  • https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=4d069421-8294-40fc-9f9b-fa1b4b78762e&dongle=013b
Request Chain 165
  • https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 166
  • https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 167
  • https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 168
  • https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 169
  • https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&custom=&tag_format=img&tag_action=sync&cb=
Request Chain 170
  • https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 171
  • https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://matching.ivitrack.com/sync?realm=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 172
  • https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3425455830206429616 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1
Request Chain 173
  • https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 174
  • https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Request Chain 175
  • https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=4d069421-8294-40fc-9f9b-fa1b4b78762e HTTP 302
  • https://jadserve.postrelease.com/suid/1017?vk=4d069421-8294-40fc-9f9b-fa1b4b78762e

207 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.42.192.35.bc.googleusercontent.com
Software
/
Resource Hash
9f7c8972392da7127e432e534201ce4056d0256d060157cec33a113e1e8029f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
2715
content-type
text/html
date
Fri, 17 Nov 2023 10:44:32 GMT
etag
"65573aeb-a9b"
last-modified
Fri, 17 Nov 2023 10:05:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
bootstrap.js
widget.freshworks.com/widgetBase/
Redirect Chain
  • https://widget.freshworks.com/widgets/150000003233.js
  • https://widget.freshworks.com/widgetBase/bootstrap.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/bootstrap.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efd15c214dd7af23d3a1c8df699cfcac47b583c70aa96d30abb3b0c213d1b0fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
2.zfzougPuNpr9Z8796LcQCYM6YBOFXq
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 10:38:00 GMT
last-modified
Mon, 16 Oct 2023 08:32:46 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
393
etag
W/"2f6b008e504672efa6327f78a1958b63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
FW_fNJirg7pZVDtpTECcfpzKzWONC73rhn4zQ8-1zK80ept8loftrQ==

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
/widgetBase/bootstrap.js
content-length
0
x-amz-cf-id
w1GZ0YKDOY00Z7rvehUMwfGqdg-K19jcu2vhGxxfolKg3PdNLc79CQ==
index-yFQbcp9D.js
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.42.192.35.bc.googleusercontent.com
Software
/
Resource Hash
62f9ffce81dd12ce204a19107f20c529600ff266ed9146551fb89c00d84072e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 17 Nov 2023 10:05:31 GMT
accept-ranges
bytes
etag
"65573aeb-43c95b"
content-length
4442459
content-type
application/javascript
index-9TnC5pIs.css
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/ 		95 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-9TnC5pIs.css
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.42.192.35.bc.googleusercontent.com
Software
/
Resource Hash
5abe2682d02cfca8bed232e4eaf1b204c61d13f3c9c205757a32bf3f4dd1ef9e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 17 Nov 2023 10:05:31 GMT
accept-ranges
bytes
etag
"65573aeb-17ac5"
content-length
96965
content-type
text/css
jkd.js
cl.qualaroo.com/ki.js/83441/ 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:32 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
ZDQHHG537R4NZ9K1
x-amz-server-side-encryption
AES256
cdn-cachedat
10/30/2023 12:13:55
cdn-pullzone
92714
x-amz-id-2
NEOBVkadC1Qxw3FyX6EgnWs1+B0KyYiEVuIkzbrWtMH8OhQVy0QhGbD9bhNuzJX1bqwrm7k1CVY=
last-modified
Mon, 30 Oct 2023 11:44:00 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"bc8596cb14d803019e5d5accd3bfc9f8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
40a98ca8ce073374846b905aa5d735a7
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
150000003233.json
widget.freshworks.com/widgets/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgets/150000003233.json?randomId=0.1999698159589478
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20beff9c8aad2f98db1451d2d71b6ae4ef15c00ab8754c80509597a3d2581f45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
x-amz-version-id
hkOu0UziOhlRfIqkeDQ_ajkg26xvDoW0
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:51:48 GMT
server
AmazonS3
via
1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"7cb6b62bfdfdfff40781528f5a843115"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
NGyd1v1wD-wQYJJpB6C187SwNPl4LtxiOsnIY6kiQZIZu4_aeaJFIQ==
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 		1 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-version-id
C5CeZZyDDKSZNP0OwdbMVsw6zE3UTW_N
last-modified
Mon, 16 Oct 2023 08:29:59 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
W/"d7ae132c387286735e2e9d369838b0c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
Rf3LfSuABus2wATkvX5DScrLLYenXXXMgPlXqi0LeR52OAJcVT-g7w==
widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		295 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
467ccbacec57c9cf78730076b29b925ebc5e809a49ec1f300a00dd108bb5f16c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
mJf5bg91VDxcGvgNRzDhhBWcIbsPMoaS
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 10:37:23 GMT
last-modified
Mon, 16 Oct 2023 08:32:46 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
433
etag
W/"f2ea1023341d0e51183945f01df48928"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
Hf_0JrNQDT79lMWRSedmMxz1k2B6MNyAQWJq2MySCgCGK36851EOjg==
0.e2caf280750f3ece06da.widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/0.e2caf280750f3ece06da.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-version-id
nCvECAaoYbsU.EkroN3GDW.PMjEsgtqs
last-modified
Mon, 16 Oct 2023 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
W/"3eb7d6da69812f629e5409d725c8ca3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
OZsfGicIf8Rc3_a_Ikp6h9bU8u8_3DpnJN-8cQ3x-SUyTXy2QpoGEA==
1.0e8f0237accf8416de7f.widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-version-id
gQsJxSmdVUW1j25Mn39rBizntmXqW7tT
last-modified
Mon, 16 Oct 2023 08:31:02 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
W/"7c346979da8f0571ca5e101f69a9c6f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
ZBXvHQO8NKDUHS36X4hd2EYrJp5WaZLVf32w35YFQZPr7ZDitk0rfQ==
8.d7c0d0debf20c1c1c333.widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/8.d7c0d0debf20c1c1c333.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-version-id
HCE_jLAhnGB6jZjkSOUQnjLHmkbfjX43
last-modified
Mon, 16 Oct 2023 08:31:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
W/"9595037458ddb204b700bf581e6193cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
NTWeXVVF_agipgBOJilhVCQvOltQmMiD_3p_Mc9-t_MMPEo7qIqM-Q==
10.e2a6e1199313e5325e57.widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
content-encoding
gzip
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-version-id
ajUWIkgBXQy8b06lhR.iMnUJjvtFiPie
last-modified
Mon, 16 Oct 2023 08:31:08 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
W/"e1fa78a672e16586648645742dd1af72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
LicUZB93bm7eUMpnPtfGpPnu3QPsGoGbQMPd_D9q98WU2GY2qYBBaA==
16.91e55ff21de942a8b5a0.widget.js
widget.freshworks.com/widgetBase/ Frame C62B 		645 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/16.91e55ff21de942a8b5a0.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:33:03 GMT
x-amz-version-id
vnaZSVxTt8MyHcQMg2ihlRCKB1WSZ.Vz
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
last-modified
Mon, 16 Oct 2023 08:31:14 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
2772690
etag
"ee6a274e041d81acb09fb70447eb7252"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
content-length
645
x-amz-cf-id
URx90TjJVtrteTDBduHlCaOpiMEg5103_zlekxHYRZlQaPexsFpk9g==
en.json
widget.freshworks.com/widgetBase/locales/ Frame C62B 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/en.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-103.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
x-amz-version-id
wjNqNqYwckHIcDyZ6j10_CVUOEcYWjnm
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 08:30:24 GMT
server
AmazonS3
via
1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"b89e0007134ac4d219df17aa6fcd289e"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=8640000
x-amz-cf-id
8WGTywH519P1YsAeyxPS_CHGOOlzoi2HAtxRvAQT2joT3I_WAn9rkg==
fs.js
edge.fullstory.com/s/ 		247 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:57:51 GMT
content-encoding
br
age
2801
x-guploader-uploadid
ABPtcPr8mBuf96l1OftIpEjUhnVAVS15DpObgiHSSQHaWER9U7gm1INJ5aIKGmdS2FxaC-thgYPXUn3j8QC1vRMuZ8f2IsfQdbom
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69204
last-modified
Fri, 10 Nov 2023 14:06:35 GMT
server
UploadServer
etag
"76afec209977b7bdc80ad7f037ea3611"
vary
Accept-Encoding
x-goog-generation
1699625194984472
x-goog-hash
crc32c=LMNjrA==, md5=dq/sIJl3t73ICtfwN+o2EQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
69204
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Nov 2023 10:57:51 GMT
/
o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/ 		2 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/?sentry_key=66b3d6bc5f5b4ac5ad1fdb2e4933582b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 10:44:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
gtm.js
www.googletagmanager.com/ 		299 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98353
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 10:44:32 GMT
v3
js.stripe.com/ 		554 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 10:44:32 GMT
via
1.1 varnish
age
18
x-cache
HIT
content-length
157145
x-request-id
728adb6b-fbaa-4aa7-9b3d-13e0e998a92a
x-served-by
cache-lga21963-LGA
last-modified
Thu, 16 Nov 2023 22:06:20 GMT
server
Fastly
etag
"735677db1390373c37dfd0233c992727"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
frame.html
dntcl.qualaroo.com/ Frame 14B6 		323 B
710 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
e02682e85847deef463b645ba642edde
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 10:44:32 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
bfbbeb4a-6ae8-4f84-a54f-398e81f027d4
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ 		28 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/bfbbeb4a-6ae8-4f84-a54f-398e81f027d4
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
29054
Content-Type
Primary Request login
auth-staging.paystubs.com/
Redirect Chain
  • https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcal...
  • https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYUR...
154 KB
154 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097e9aaff3e2b5bd9aa333c4f34092ad450260fa8240a48b556d3873faa3d679
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8277610f7b7e43d5-EWR
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 10:44:34 GMT
etag
W/"2667c-eOW9wrP288m2UWrZMACDLOOVwzY"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
de2416487f1f7eea4b3b
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1700217875
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8277610c999e43d5-EWR
content-length
1526
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 10:44:33 GMT
location
/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
8c201945406bbffab163
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1700217874
web
edge.fullstory.com/s/settings/MCM6B/v1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/MCM6B/v1/web
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPryC0XbYFNIqZqbWmAu_Wvyo26dxEWHAaIJpiPnjSIdzBEkxyGrU3sBcMWIdNePHZtmIwGNd8Mywp54VoznzH4nWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1322
last-modified
Fri, 17 Nov 2023 10:41:29 GMT
server
UploadServer
etag
"8c624d63898c6c0210d83822fe8b840e"
x-goog-generation
1699771289533120
x-goog-hash
crc32c=zVN12Q==, md5=jGJNY4mMbAIQ2Dgi/ouEDg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1322
accept-ranges
bytes
content-type
application/json
expires
Fri, 17 Nov 2023 10:59:33 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 8D01 		200 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2763395
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 10:44:33 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Sat, 14 Oct 2023 00:18:49 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
285279
x-content-type-options
nosniff
x-request-id
ada6ba54-67ac-4ed1-951d-1e22c7c40ba8
x-served-by
cache-lga21963-LGA
controller-459a68348097644092c5bb89a4e4e20d.html
js.stripe.com/v3/ Frame 6734 		325 B
694 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 10:44:33 GMT
etag
"459a68348097644092c5bb89a4e4e20d"
last-modified
Thu, 16 Nov 2023 21:48:46 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
6961dee0-35e3-4f75-bf96-3ff5ca8e539e
x-served-by
cache-lga21963-LGA
js
www.googletagmanager.com/gtag/ 		231 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDB3MHPDXM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82414
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 10:44:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:800::1726:a84a Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Nov 2023 09:07:27 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=63373
accept-ranges
bytes
content-length
3840
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 17 Nov 2023 10:44:33 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 47BFB85079C345C29F149809A037F46E Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:33Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Nov 2023 10:44:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
F61J8axFsGNdHOE8fqEYHXu0A+q3/XYvszvc5qeHhfFqewhb9wApJ/SWQ6Ee+A/h5eim7frgR0ZD1PzdWTx51A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1700217873373&cv=11&fst=1700217873373&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116618575&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=PayStubs&auid=308205673.1700217873&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jkd.js
cl.qualaroo.com/ki.js/83441/ 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
ZDQHHG537R4NZ9K1
x-amz-server-side-encryption
AES256
cdn-cachedat
10/30/2023 12:13:55
cdn-pullzone
92714
x-amz-id-2
NEOBVkadC1Qxw3FyX6EgnWs1+B0KyYiEVuIkzbrWtMH8OhQVy0QhGbD9bhNuzJX1bqwrm7k1CVY=
last-modified
Mon, 30 Oct 2023 11:44:00 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"bc8596cb14d803019e5d5accd3bfc9f8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
195f4613dfa09f56a409e327744d0039
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fs.js
edge.fullstory.com/s/ 		247 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:57:51 GMT
content-encoding
br
age
2802
x-guploader-uploadid
ABPtcPqjJRPyV2gBKFuPjJ_l9n0d7nGC_OQcOVBCphgS-opcVxDVw72S8u772l0WeZhDGdq-px-YuzIXiQMbBp32HHr0YNccBiP4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69204
last-modified
Fri, 10 Nov 2023 14:06:35 GMT
server
UploadServer
etag
"76afec209977b7bdc80ad7f037ea3611"
vary
Accept-Encoding
x-goog-generation
1699625194984472
x-goog-hash
crc32c=LMNjrA==, md5=dq/sIJl3t73ICtfwN+o2EQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
69204
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Nov 2023 10:57:51 GMT
139577915.js
js-eu1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/139577915.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
672fc019-534c-4d7c-892c-a04698b79e0b
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
672fc019-534c-4d7c-892c-a04698b79e0b
last-modified
Fri, 17 Nov 2023 10:43:58 GMT
server
cloudflare
x-trace
2BDC6A83A54407402B2816D9CEA02669FDE2F9D77E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-7695f4b84d-gb9sd
cf-ray
8277610e7c671b94-DUB
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
660d8cc.a38c1c6
date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
12,184.51.148.204
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=4, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20231117104433637A47D11837C6591BEE
x-cache-remote
TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.48.200.211
x-tt-trace-host
018b9ce44e0c487113b05e27c266db62bc72ebaafb67e3bc46a7c028ac379a69b6047d380a89773888ba744f3bda9251e140029fcfa98238634eaaee6623138bdec2e90251b5473ef9d8de3d1570faeb58c814feb00f22e33461036aeac67a7029b9203cbc651c5d80c5d539e22b7007da
expires
Fri, 17 Nov 2023 10:44:33 GMT
widget.js
wchat.freshchat.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wchat.freshchat.com/js/widget.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-199-76.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
w.js
static.woopra.com/js/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.woopra.com/js/w.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.2.15 (Red Hat) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
18348
x-cache
HIT, HIT
content-length
12997
x-served-by
cache-iad-kjyo7100087-IAD, cache-lga21961-LGA
last-modified
Thu, 02 Nov 2023 23:29:38 GMT
server
Apache/2.2.15 (Red Hat)
x-timer
S1700217873.452923,VS0,VE0
etag
"21dbc-94f0-60933c2eb33ac"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-cache-hits
2, 40
ntag.js
www.nivaai.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivaai.com/ntag.js?id=6249ec2b-9496-41ca-97c0-e50802176b13
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1::glbvv-1700217873474-36c605c77a1d
age
2403353
x-matched-path
/ntag.js
etag
W/"1f6e22d85d1b46e955d4656374f1b52e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="ntag.js"
csp-report
q.stripe.com/ Frame 8D01 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700217873692583
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700217873692232
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8D01 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700217873692671
x-envoy-upstream-service-time
5
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700217873692313
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 8D01 		631 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 varnish
age
6009500
x-cache
HIT
content-length
399
x-request-id
969fc9fe-5d7e-4718-b8a0-d94e152f7215
x-served-by
cache-lga21963-LGA
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
263926
csp-report
q.stripe.com/ Frame 6734 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700217873692678
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700217873692270
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-8712367e2a4753018de6c5692dc45ff7.js
js.stripe.com/v3/fingerprinted/js/ Frame 6734 		534 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 varnish
age
46381
x-cache
HIT
content-length
132088
x-request-id
3d32f04d-1faf-4c89-b0a5-49224b28b762
x-served-by
cache-lga21963-LGA
last-modified
Thu, 16 Nov 2023 21:49:00 GMT
server
Fastly
etag
"b5c488e635f3e994571457f83393307d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
57
controller-dcd97706f2ca757d8a60c93d2d89bc46.js
js.stripe.com/v3/fingerprinted/js/ Frame 6734 		662 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-dcd97706f2ca757d8a60c93d2d89bc46.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 varnish
age
46381
x-cache
HIT
content-length
176085
x-request-id
91be0cad-a02c-406c-87c1-febc41ef243a
x-served-by
cache-lga21963-LGA
last-modified
Thu, 16 Nov 2023 21:48:57 GMT
server
Fastly
etag
"dfd981287a5ce84f27e9ad311399d94f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
43
inner.html
m.stripe.network/ Frame A68B 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
140
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 10:44:33 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
33
x-content-type-options
nosniff
x-request-id
b33225f4-d374-4bbb-8fc2-46ff74752651
x-served-by
cache-lga21963-LGA
x-timer
S1700217873.472944,VS0,VE0
211021221.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211021221.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 17 Nov 2023 10:44:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4172670F361240EDB46252045DCAC7E3 Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:33Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211021221&tm=gtm002&Ver=2&mid=5fcb9008-00bb-4397-b2f9-0bd9bc1fcdad&sid=4b66a7d0853611ee8e608d8f3c685772&vid=4b66ea30853611ee854845245e079cb5&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PayStubs&p=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&r=&lt=680&evt=pageLoad&sv=1&rn=109941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 10:44:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F8F30FDD40C043689DBAF780362393CA Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:33Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
dntcl.qualaroo.com/ Frame A4C0 		323 B
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
efbad6121b9cc62d8ffa0317d15eae9c
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 10:44:33 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6734 		474 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
45
x-cache
HIT
content-length
299
x-request-id
bc410b3e-6c39-4473-b51f-8474132671e4
x-served-by
cache-lga21935-LGA
last-modified
Thu, 16 Nov 2023 22:23:18 GMT
server
Fastly
etag
"28e5e8c7fce287e1ef809f62f7279735"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
62528
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6734 		474 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-459a68348097644092c5bb89a4e4e20d.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
45
x-cache
HIT
content-length
299
x-request-id
2f6a53b7-ec08-45ec-b3ea-f5773125fee1
x-served-by
cache-lga21935-LGA
last-modified
Thu, 16 Nov 2023 22:23:18 GMT
server
Fastly
etag
"28e5e8c7fce287e1ef809f62f7279735"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
62529
280638974420595
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/280638974420595?v=2.9.138&r=stable&domain=pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Nov 2023 10:44:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
bc7k5RhPj0rOlb2TL9P/OJeIEkqGqFdXN0VpWGKKSSGNsk15k/OtBRQKfeY1FWRV4EwpXy8jiRo8s5ea9VzyZA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:800::1726:a84a Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33743
accept-ranges
bytes
content-length
3272
csp-report
q.stripe.com/ Frame A68B 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700217873701873
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873698993
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame A68B 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 17 Nov 2023 10:44:33 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
257
x-cache
HIT
content-length
15509
x-request-id
2fe13f05-ed67-4825-9cd9-ce3eb57892ce
x-served-by
cache-lga21963-LGA
server
Fastly
x-timer
S1700217874.651990,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
55
collect
gtm.paystubs.com/g/ 		0
0
page
rs.fullstory.com/rec/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1454
main.MTdjYzNiZDU2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		417 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
a38c22c
date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110908143792A24FFEC9F8D8E5356B
vary
Accept-Encoding
x-cache
TCP_HIT from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01104831bbfb6b196ae59a850efc0b1bb80b1bc8e4459f5098496b7b833e45623bdab569a2e3c4bcd1ca95795a0bd2933a6fc4d09a63d79fff2a2b168cd13c9f1b6e0c8d7949ecd56813a8f684cb6729be5491ed8b9100be2539c863eecee2f33d
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
110602
/
www.woopra.com/track/ce/ 		0
0
get-cookie
merchant-ui-api.stripe.com/link/ Frame 6734 		35 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/link/get-cookie
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.90.98.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-98-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
35
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
accept, content-type, x-requested-with, x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
sessions
api.stripe.com/v1/elements/ Frame 6734 		11 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.stripe.com/v1/elements/sessions?key=pk_test_51MqyrmEg8DID0LVdyI2jrMNnVETj8yPzv0yZRassAaOkoQknLjW1aZJXanxkP4Hb76AkKXbEuBxFTKiUdyX7VjK400wfs11HK9&type=deferred_intent&locale=en-US&deferred_intent[mode]=payment&deferred_intent[amount]=1099&deferred_intent[currency]=usd&referrer_host=pcom-react-pavlo-jira-fixes.react-dev.paystubs.com&currency=usd
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.202.153.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
api-34-202-153-183.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
stripe-version
2022-11-15
request-id
req_SdfBlxA3QVtJDI
content-length
11594
server
nginx
x-stripe-routing-context-priority-tier
api-testmode
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
no-cache, no-store
access-control-allow-credentials
true
vary
Origin
timing-allow-origin
https://js.stripe.com
tr
api.nivaai.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nivaai.com/tr?command=config&na=0763cc37-537a-49dd-812f-59ca3bb254e5&ntag=6249ec2b-9496-41ca-97c0-e50802176b13&pathname=/login
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/assets/index-yFQbcp9D.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-59.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-trace-id
Root=1-65574411-3812aa5f3f65f39b6768f380;Sampled=0;lineage=fc8b8e8b:0
x-amzn-requestid
6c2b23df-0953-44e1-a0cc-a0fa1dff6458
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
OieS1FyAIAMEgoA=
content-length
0
x-amz-cf-id
svgqb3FRQLtU_lHXp-jI75VUtLmXGMfFmqI_OFBt5BawTRNm7puqjg==
access-control-allow-headers
*
bounce
secure.adnxs.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://secure.adnxs.com/setuid?entity=52&code=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D0763cc37-537a-49dd-812f-59ca3bb254e5
43 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
an-x-request-uuid
d4888077-f1f9-4b52-9579-c85540cf6671
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.134; 5.181.234.134; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
an-x-request-uuid
7050fe39-8efb-4810-b233-aaec0b573d03
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D0763cc37-537a-49dd-812f-59ca3bb254e5
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.134; 5.181.234.134; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://sync.outbrain.com/cookie-sync?p=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&initiator=partner
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&initiator=partner
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache
X-TraceId
b20916a393f4c75dd9f0a56fbaf6610a
Content-Length
0

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
6b27e8b3-3dec-4036-968a-43054237400c
x-amzn-trace-id
Root=1-65574411-2cdda0f81aa96d7814e0dacd;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync.outbrain.com/cookie-sync?p=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&initiator=partner
access-control-allow-origin
*
x-amz-apigw-id
OieS1GGCIAMEGug=
content-length
0
x-amz-cf-id
TdWzmZFpu2bBlGl22QwfswZJ2ovA2hi612de3njmkXaQD1RFIN6rLg==
access-control-allow-headers
*
sync.htm
ade.clmbtech.com/uid/
Redirect Chain
  • https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=0763cc37-537a-49dd-812f-59ca3bb254e5
0
0
pixelCt.tpmn
ad.tpmn.co.kr/
Redirect Chain
  • https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=0763cc37-537a-49dd-812f-59ca3bb254e5
0
0
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/
Redirect Chain
  • https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
410545
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=0763cc37-537a-49dd-812f-59ca3bb254e5&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/
Redirect Chain
  • https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6105788880556502446
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6105788880556502446
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
606249
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
an-x-request-uuid
b27b462d-4743-48d3-8f85-cbef8b85a75a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6105788880556502446
x-proxy-origin
5.181.234.134; 5.181.234.134; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync-criteo.ads.yieldmo.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://sync-criteo.ads.yieldmo.com/sync?id=0763cc37-537a-49dd-812f-59ca3bb254e5&pn_id=criteo&ext=1
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=0763cc37-537a-49dd-812f-59ca3bb254e5&pn_id=criteo&ext=1
Protocol
H2
Server
18.204.84.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-84-59.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
7947bfeb-5d77-4c4c-8136-de155038ddbc
x-amzn-trace-id
Root=1-65574411-5ae590063819df281310a4ab;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync-criteo.ads.yieldmo.com/sync?id=0763cc37-537a-49dd-812f-59ca3bb254e5&pn_id=criteo&ext=1
access-control-allow-origin
*
x-amz-apigw-id
OieS1E9woAMETcg=
content-length
0
x-amz-cf-id
qY4g2gt84ZAYwlfOX0yDmlOXK2MPuVEmDSJBcHkSQs5FxPfxTM6HSw==
access-control-allow-headers
*
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/
Redirect Chain
  • https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0763cc37-537a-49dd-812f-59ca3bb254e5
0
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
2137

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
bb3d7a36-7c10-4a74-8854-7c91fe768703
x-amzn-trace-id
Root=1-65574411-4852caca0e71be5a3b376a08;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1F6mIAMEL3w=
content-length
0
x-amz-cf-id
wTZ3R7O79LspleT4fI6MZOl1AS5hYM_PzAoU59XSTB9rxsLmfaMdyA==
access-control-allow-headers
*
sync
criteo-partners.tremorhub.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://criteo-partners.tremorhub.com/sync?UICR=0763cc37-537a-49dd-812f-59ca3bb254e5
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
2600:1f18:612b:4280:16a1:69e3:4d3c:d7f4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 17 Nov 2023 10:44:34 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
64938af6-df53-4ae2-bec7-5730af38895a
x-amzn-trace-id
Root=1-65574411-1cad578544fb72817441df99;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://criteo-partners.tremorhub.com/sync?UICR=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1HvrIAMEYQw=
content-length
0
x-amz-cf-id
gpputlYHdHXKNd56whU4RaEojPzTXiAqr0fcRxJS2omGOY2E9onNFA==
access-control-allow-headers
*
cksync.php
contextual.media.net/
Redirect Chain
  • https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=0763cc37-537a-49dd-812f-59ca3bb254e5
53 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 10:44:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 10:44:34 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
84187f21-3885-4c7b-b35e-4df784aa6723
x-amzn-trace-id
Root=1-65574411-30aae32f16a6efc44fa25735;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1FheIAMEcCA=
content-length
0
x-amz-cf-id
9h0jSMNa3KCIHWytn5Vz_r-YgZZUxgFq4t0r5aNH0RkB_6oTCSCM2g==
access-control-allow-headers
*
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
0
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
52.201.115.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-115-137.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
ab17fb46-85e0-4e24-b7ad-3d6a1d4a67b6
x-amzn-trace-id
Root=1-65574411-0f379e0c466e86df27f07e21;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1FTYIAMEGZQ=
content-length
0
x-amz-cf-id
O5h_p9fUcrzSSI_O3_dC1ka0oxmJgK1wE60V7XBczZxHryJMeyUC4Q==
access-control-allow-headers
*
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=0763cc37-537a-49dd-812f-59ca3bb254e5
43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
HTTP/1.1
Server
216.22.16.41 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
479a26fa-e5ac-4f08-8344-47d446de877e
x-amzn-trace-id
Root=1-65574411-3f092bf75f8ce5620df635d7;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1G9CoAMECBQ=
content-length
0
x-amz-cf-id
eJ3pXzboiWdplIzbAs_c-yVSlNGtDNxMI91MNhSBenhg-k9KwJm8DA==
access-control-allow-headers
*
um
criteo-sync.teads.tv/
Redirect Chain
  • https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://criteo-sync.teads.tv/um?eid=80&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
23.56.163.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 10:44:34 GMT
pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
45f536c8-eac8-4560-b8aa-94e260a30b1b
x-amzn-trace-id
Root=1-65574411-2cf5f53374740817522c2fa4;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://criteo-sync.teads.tv/um?eid=80&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1EcyIAMEpvQ=
content-length
0
x-amz-cf-id
IhYXdFVbIeeN3gT0hEHic3E2tjiRxSR1Xll7p3_fdgVztZa9fLnxfA==
access-control-allow-headers
*
xuid
eb2.3lift.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://eb2.3lift.com/xuid?mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=0763cc37-537a-49dd-812f-59ca3bb254e5&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 17 Nov 2023 10:44:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/
Redirect Chain
  • https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&verify=true
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&verify=true
date
Fri, 17 Nov 2023 10:44:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
idsync
tg.socdm.com/aux/
Redirect Chain
  • https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=0763cc37-537a-49dd-812f-59ca3bb254e5
0
0
sync
visitor.omnitagjs.com/visitor/
Redirect Chain
  • https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=0763cc37-537a-49dd-812f-59ca3bb254e5
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
3.138.212.158 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-212-158.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
ea55dc7a-5eb5-47f8-b8fd-dccf958a500a
x-amzn-trace-id
Root=1-65574411-00073c6404e337b535718c7e;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1H_zIAMEEvA=
content-length
0
x-amz-cf-id
nXQnhmv-ypITx6ul4koezsb1X8YTkWjOZVmw7cYn8lKCubvV2aLRWw==
access-control-allow-headers
*
rum
r.casalemedia.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&C=1
43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhqbOPlRq4RpR3grmJ6qDN7%2BCDzzwz8yz2HdpbS7yldp3lemIWbr9GkIndu3CA1sB1QvR6242Cf9IW8ifEaenOMGBKM59lTXaa6%2FdtaMkhoJv7z7DyqZkjJVdKwakhnJ2IEy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82776110a97242c0-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=solj6WieECOLCwJp35oLsQKEXA1Gd7%2BHXa9s50vXgWLCeOwGRKWKwv6t4f7ZZ23UWA4MRHDvHpg5%2FFvFp9aQTfKFKw2a%2BTePqZV2MwxX3jAT3ELSI5mysEJMMWnVmxL%2FW5Hi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5&C=1
cache-control
no-cache
cf-ray
82776110694642c0-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
partner.mediawallahscript.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb=
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb=&final=true&reqid=4bb7f7e0-8536-11ee-96a9-6...
0
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb=&final=true&reqid=4bb7f7e0-8536-11ee-96a9-6595e636bad7&timestamp=2023-11-17T10%3A44%3A34.014Z
Protocol
H2
Server
184.73.254.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-254-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
server
nginx
vary
Accept, Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
/?account_id=2045&partner_id=2106&uid=0763cc37-537a-49dd-812f-59ca3bb254e5&custom=&tag_format=img&tag_action=sync&cb=&final=true&reqid=4bb7f7e0-8536-11ee-96a9-6595e636bad7&timestamp=2023-11-17T10%3A44%3A34.014Z
content-type
text/plain; charset=utf-8
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
content-length
232
expires
Sat, 26 Jul 1997 05:00:00 GMT
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
44.197.77.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-77-254.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 10:44:34 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
date
Fri, 17 Nov 2023 10:44:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://matching.ivitrack.com/sync?realm=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
5aba7e01-c115-42c2-ada2-ccd4e70e4a21
x-amzn-trace-id
Root=1-65574411-164903b716b5f61d4f261c20;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://matching.ivitrack.com/sync?realm=niva&uid=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1FspIAMEoQQ=
content-length
0
x-amz-cf-id
dUNjb1gfpJ19VmovHT1ex7Q7989Y7yK2vw9-k4rdHOcTqW9gmqKjJw==
access-control-allow-headers
*
sync
live.rezync.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=0763cc37-537a-49dd-812f-59ca3bb254e5&_li_chk=true&previous_uuid=f77e269f04f24079b9ab5d3768580996
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f77e269f-04f2-4079-b9ab-5d3768580996
0
0
push
exchange.mediavine.com/usersync/
Redirect Chain
  • https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=0763cc37-537a-49dd-812f-59ca3bb254e5
0
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
3.211.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-29-151.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
49d40407-a63f-462c-b98a-880df5e6d07c
x-amzn-trace-id
Root=1-65574411-3509d22c46b75a9969f70114;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1G3KoAMEMhQ=
content-length
0
x-amz-cf-id
rCwEBAMpoaVRp4o874igyuz2m6TPbHFm5J2yPIJi81AcGAwr_4u2Ow==
access-control-allow-headers
*
c.gif
c.bing.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=0763cc37-537a-49dd-812f-59ca3bb254e5
42 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=0763cc37-537a-49dd-812f-59ca3bb254e5
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BBEB9C3645E440318619CED061DA52E1 Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:33Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

date
Fri, 17 Nov 2023 10:44:33 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
f9d24d80-e709-49e8-8455-e9b1d57a812b
x-amzn-trace-id
Root=1-65574411-476a63011179bec72543957b;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=0763cc37-537a-49dd-812f-59ca3bb254e5
access-control-allow-origin
*
x-amz-apigw-id
OieS1E0eIAMEa0Q=
content-length
0
x-amz-cf-id
tvbaG9Wswg1YcrEsAGae_L57uBuVmM4klzNSzjEb2diiAVRLGwRnhg==
access-control-allow-headers
*
1017
jadserve.postrelease.com/suid/
Redirect Chain
  • https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=0763cc37-537a-49dd-812f-59ca3bb254e5
  • https://jadserve.postrelease.com/suid/1017?vk=0763cc37-537a-49dd-812f-59ca3bb254e5
0
0
/
www.google.com/pagead/1p-user-list/11223038493/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11223038493/?random=1700217873373&cv=11&fst=1700215200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&frm=0&tiba=PayStubs&fmt=3&is_vtc=1&cid=CAQSGwDICaaNtI6oaFEQQWzJ1HajSBXU9fGZOhRjFw&random=1846169713&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
211021221
www.clarity.ms/tag/uet/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/211021221
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/211021221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Fri, 17 Nov 2023 10:44:33 GMT
x-azure-ref
20231117T104433Z-by9apsnpnx1bbfk29mc36yrfbs00000001u0000000001nd7
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
829
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=280638974420595&ev=PageView&dl=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&rl=&if=false&ts=1700217873814&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1700217873812.1644726128&ler=empty&it=1700217873603&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 Nov 2023 10:44:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889701
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889124
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873917915
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700217873917274
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873917921
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700217873917374
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889317
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889141
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889842
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889230
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889697
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889150
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889511
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873888965
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889627
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889017
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889717
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889103
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873889280
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217873889055
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame A68B 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-37-98.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Fri, 17 Nov 2023 10:44:34 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700217874093934
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1700217874093613
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:33 GMT
x-stripe-server-envoy-start-time-us
1700217873917580
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700217873917325
access-control-allow-credentials
true
content-length
0
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
a38c250
date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110908143792A24FFEC9F8D8E53570
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01104831bbfb6b196ae59a850efc0b1bb80b1bc8e4459f5098496b7b833e45623bdab569a2e3c4bcd1ca95795a0bd2933a6243b2bf3b03dec8e7f9480c4ff92f4eef2ac59b732af75cecf7d85a95aa600d62739369400d06f9a9ac5dc91e98c94c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
36076
pixel
analytics.tiktok.com/api/v2/ 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
493f533.a38c25f
date
Fri, 17 Nov 2023 10:44:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
57,184.51.148.204
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=50, inner; dur=47
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231117104433AE2DB2DB707AE75AA0D5
x-cache-remote
TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
50,23.220.104.213
x-tt-trace-host
018b9ce44e0c487113b05e27c266db62bc72ebaafb67e3bc46a7c028ac379a69b6344dc0c3f3819d6a1efc8259b5a9a4bf52e35d661be248c7254032b2abe5658e554a2362785ec2db7a2a432e46b0032eaef1b8c2ea70d81a304dfae959d3048e2aa5da1b3159e7094937881deb11e4b5
access-control-allow-headers
Authorization,*
expires
Fri, 17 Nov 2023 10:44:34 GMT
banner.js
js-eu1.hs-banner.com/v2/139577915/ 		0
0
fb.js
js-eu1.hsadspixel.net/ 		0
0
collectedforms.js
js-eu1.hscollectedforms.net/ 		0
0
139577915.js
js-eu1.hs-analytics.net/analytics/1700217600000/ 		0
0
clarity.js
www.clarity.ms/s/0.7.18/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211021221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
content-encoding
br
last-modified
Thu, 16 Nov 2023 12:21:47 GMT
etag
W/"0x8DBE69E9A6E7807"
vary
Accept-Encoding
x-azure-ref
20231117T104433Z-by9apsnpnx1bbfk29mc36yrfbs00000001u0000000001ndg
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
31b61e72-801e-003a-6092-1834a3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&RedC=c.clarity.ms&MXFR=0F41BD99B9216B7D03C3AE55BD21659A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&MUID=209278712A966AF637626BBD2B3E6BBD
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&MUID=209278712A966AF637626BBD2B3E6BBD
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
server
Microsoft-IIS/10.0
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 50F5A02DADA347D584C5CE39189CDF7D Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2335A413B6104C9D82FE1D30B4059135&MUID=209278712A966AF637626BBD2B3E6BBD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:34 GMT
x-stripe-server-envoy-start-time-us
1700217874048880
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217874048689
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:34 GMT
x-stripe-server-envoy-start-time-us
1700217874051581
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700217874051274
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:34 GMT
x-stripe-server-envoy-start-time-us
1700217874058389
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700217874058119
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 6734 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8712367e2a4753018de6c5692dc45ff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 17 Nov 2023 10:44:34 GMT
x-stripe-server-envoy-start-time-us
1700217874068605
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700217874068046
access-control-allow-credentials
true
content-length
0
collect
v.clarity.ms/ 		0
0
v2
rs.fullstory.com/rec/bundle/ 		0
0
0
bat.bing.com/actionp/ 		0
0
/
www.woopra.com/track/push/ 		0
0
collect
v.clarity.ms/ 		0
0
/
o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/ 		0
0
6464bbc2b411a231097dccfb_logo_mobile.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6464bbc2b411a231097dccfb_logo_mobile.svg
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd3dde64a6e766a4d1ed233c47cc6f6549b44b631dcb67594ff77c61b2c71bd5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:33:43 GMT
x-amz-version-id
IUtVaOk1aulSxAJqOhin_cgRGe5tjyys
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
238252
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 May 2023 11:34:28 GMT
server
AmazonS3
etag
W/"58aff547dbddba076a9f1a95ee3afa68"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
EsvMnb1V7Gweh0jhrXSDqJ5x2OloGwOLj8sVJrnkspogO69MJf_F7w==
65045a51b1376435015b969d_PayStubs_logo%20(5).png
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/65045a51b1376435015b969d_PayStubs_logo%20(5).png
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
beec0d053c8f74c5fc8aeac7373378e9a1897eea0ed27e8edf56383f71201655

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 16:16:12 GMT
x-amz-version-id
SZZDQgv3K_8pLBmuzb5hsNqYJQTIVFju
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
2658503
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4791
last-modified
Fri, 15 Sep 2023 13:21:23 GMT
server
AmazonS3
etag
"0e13cfd6c5e306141e11c86fb87ebfd5"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3oH-vKUfvpGURyvANcgb3b3ATRf8E4sds9zxv9g3hL_4vnTMfHZwQw==
6502c48e10da9a3470e9a521_Group%2021062.png
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		301 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6502c48e10da9a3470e9a521_Group%2021062.png
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80b2f78cd58c98116e945004bee55da41f0506adacc10e362b75d95a4bdb24df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 01:49:57 GMT
x-amz-version-id
EbCICCiaEFYJmGsX3.ETOYysJiduBKms
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
896078
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
307721
last-modified
Thu, 14 Sep 2023 08:30:08 GMT
server
AmazonS3
etag
"a2946505a71ba2bab346afe5a1e36861"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
SUDPH2er2dElun-czTcxqv0944zIifaCHf90c-96g44urVOLZMMidg==
650949474a1e9f95adf04245_Text%20and%20checklist.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		57 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/650949474a1e9f95adf04245_Text%20and%20checklist.svg
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65e824fcf534553c1cbfb6a8404a0e6fa966604c846bf5fc348b27d9ade63bb9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 16:16:12 GMT
x-amz-version-id
rBRO7_5uxrAwm.KvJfpJLJyFf1GFzUnk
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
2658503
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 19 Sep 2023 07:10:00 GMT
server
AmazonS3
etag
W/"a81f99ff020845068432380cd4b4461b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
fNElhFnuax0JF2X7IaR3GQv29cBfzz_L_W423crb_FC73V3rsAVwZQ==
645deba153d0f1967d356f30_eye-slash.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/645deba153d0f1967d356f30_eye-slash.svg
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11788b09fd68530090570b96be13fc8f3f76fd14ede52598b40f4421dc7e9c04

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 15:49:23 GMT
x-amz-version-id
mxV6YRkfgGAoR50O7IeiClcG8Aq0fBYx
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
1018512
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
756
last-modified
Fri, 12 May 2023 07:32:51 GMT
server
AmazonS3
etag
"cbce5c1c2c7666c6adfa9c7e10819261"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
U8jbDP8QxJ0b0jmUYDDugw9SE72bivCqn0cEVHSWiqbEZHK18t_5aw==
6464bbc2f940eff813ca1dfb_eye.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		709 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6464bbc2f940eff813ca1dfb_eye.svg
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c64435f07e61b7860c6fdfc7b918f7483557be76fba80d11dc075096d6f814f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 15:49:23 GMT
x-amz-version-id
1L9mjJsugL3bWTVicLmwzVnb7nZUutsI
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
1018512
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
709
last-modified
Wed, 17 May 2023 11:34:28 GMT
server
AmazonS3
etag
"71115c2be2c72c65c1fade72f1ccc93b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
hks0o0yMUcJ0hMLhqo1jn_lK8gDbt6PFsNyA7TvkypZ6FCY4dV-QZw==
645deaa9825a96ec23f12bba_Google_Icon.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/645deaa9825a96ec23f12bba_Google_Icon.svg
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-120.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ce88aa2cd221354d7ba1a07337a09e1632241bc1d755c2db614b1de1c383217

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:33:43 GMT
x-amz-version-id
ZSPvQ1rnM_znT78vGvO2EYVLHCURSOiS
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
age
238252
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 12 May 2023 07:28:43 GMT
server
AmazonS3
etag
W/"ce02bd8f1a1ab99c1b117260050c3647"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
iNck_aJwyNGiZU2hkAAy8vbWzg6I_7-JgCl8qgbWgLHHQ-mkI2vfcg==
auth0.min.js
cdn.auth0.com/js/auth0/9.18/ 		182 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.18/auth0.min.js
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c01cdbf532e04e0405e5a197ca95d698bc179640c8e1945487a5db0a05923caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
0oSyqygNJmIxgTdWAY.70ye9IMXesbI9
content-encoding
gzip
via
1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 10:31:34 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
JFK50-P6
age
781
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 18 Jan 2022 16:34:50 GMT
server
AmazonS3
etag
W/"e940a743df0750a57e7f584934a24620"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
RuIBa0U-5A_8CyJSpLKMhHLmpaEmsVkUxEgaWyUqy4BefLWYF0WXZg==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/ 		278 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date
Fri, 17 Nov 2023 08:15:28 GMT
via
1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
JFK50-P6
age
8947
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
278
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
iww0gBUSgq-48QqGd4WN2-PAcXUhojXu0oHroZUTeVRQOEDnzTFr5Q==
F37Bolton-Medium.woff
cdn-static.paystubs.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-static.paystubs.com/fonts/F37Bolton-Medium.woff
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.124.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.124.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
25dae1888760b37dbff06288494fb41311061429bade1fc162aa8c6ca585e21d

Request headers

Referer
https://auth-staging.paystubs.com/
Origin
https://auth-staging.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABPtcPoXclvOUpg8LbXm7mu9rcPfbD7w56c7ssh94rQUj3qaxDmEPlrkDQA3ZqmrbP4uT5lC60nKLbS8LYipqdjYF7LGcaYdvAy_
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
x-goog-meta-access-control-allow-origin
*
content-length
49996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 03 Apr 2023 11:34:01 GMT
server
UploadServer
etag
"3066d93c9ea9e6502973dd20a645a961"
x-goog-generation
1680521640999403
x-goog-hash
crc32c=8jBZ4g==, md5=MGbZPJ6p5lApc90gpkWpYQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
49996
accept-ranges
bytes
content-type
font/woff
F37Bolton-Regular.woff
cdn-static.paystubs.com/fonts/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-static.paystubs.com/fonts/F37Bolton-Regular.woff
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.124.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.124.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
93b04a3a6e5c5e1fe28c7e7c0a50351b232c214b20fb91365711510283864b7b

Request headers

Referer
https://auth-staging.paystubs.com/
Origin
https://auth-staging.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABPtcPq0HRxDr7j7v-WWEZv0RPoNvK5Wyu8Jv8LOv9zLZLl7plKGfdChMEt_l23S2DH5qCBG8lbttnCc-9_dtDQMywb2yA
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
x-goog-meta-access-control-allow-origin
*
content-length
47604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 03 Apr 2023 11:34:15 GMT
server
UploadServer
etag
"1fb246470401e7bbd67f2a3f794e32dd"
x-goog-generation
1680521655467666
x-goog-hash
crc32c=SwgE7A==, md5=H7JGRwQB57vWfyo/eU4y3Q==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
47604
accept-ranges
bytes
content-type
font/woff
gtm.js
www.googletagmanager.com/ 		299 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9f22a64f27f322080e1f7a6e9754c4aa0eb4ba660322cb42416a489f5b3656a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98357
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 10:44:34 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDB3MHPDXM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b536f65314dc13cbc151f417523851bacf1db4003d59c36deb9b63c43229a382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82414
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 10:44:34 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:800::1726:a84a Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Nov 2023 09:07:27 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=63372
accept-ranges
bytes
content-length
3840
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 17 Nov 2023 10:44:34 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F7A6649243184820A91D177C545DA3AB Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:34Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
fbevents.js
connect.facebook.net/en_US/ 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Nov 2023 10:44:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
OyMz3Y6O5PVYj7InByuxxLe1ja3E8ZKGnrsROq9RDEovPjqe/5ltGKpHZnCn88b7shK/QAVabQAh+v/ICVM1GA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1700217874444&cv=11&fst=1700217874444&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116618575&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM&ref=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20with%20Auth0&auid=308205673.1700217873&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a346053390aa172aee9f1133395a3b49f9633fee85c59d27b744db045665ea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1622
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jkd.js
cl.qualaroo.com/ki.js/83441/ 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
ZDQHHG537R4NZ9K1
x-amz-server-side-encryption
AES256
cdn-cachedat
10/30/2023 12:13:55
cdn-pullzone
92714
x-amz-id-2
NEOBVkadC1Qxw3FyX6EgnWs1+B0KyYiEVuIkzbrWtMH8OhQVy0QhGbD9bhNuzJX1bqwrm7k1CVY=
last-modified
Mon, 30 Oct 2023 11:44:00 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"bc8596cb14d803019e5d5accd3bfc9f8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
b0b4eab2d4a86306cc20fceef37264d5
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fs.js
edge.fullstory.com/s/ 		247 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7

Request headers

Referer
Origin
https://auth-staging.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:57:51 GMT
content-encoding
br
age
2803
x-guploader-uploadid
ABPtcPqjJRPyV2gBKFuPjJ_l9n0d7nGC_OQcOVBCphgS-opcVxDVw72S8u772l0WeZhDGdq-px-YuzIXiQMbBp32HHr0YNccBiP4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69204
last-modified
Fri, 10 Nov 2023 14:06:35 GMT
server
UploadServer
etag
"76afec209977b7bdc80ad7f037ea3611"
vary
Accept-Encoding
x-goog-generation
1699625194984472
x-goog-hash
crc32c=LMNjrA==, md5=dq/sIJl3t73ICtfwN+o2EQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
69204
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Nov 2023 10:57:51 GMT
139577915.js
js-eu1.hs-scripts.com/ 		2 KB
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/139577915.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1536be82ecfe4cf7eb46fafcbb5bbaa1f69c90971d2ec9058f134f471a18d62a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
672fc019-534c-4d7c-892c-a04698b79e0b
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=2038
age
1
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
672fc019-534c-4d7c-892c-a04698b79e0b
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 10:43:58 GMT
server
cloudflare
x-trace
2BDC6A83A54407402B2816D9CEA02669FDE2F9D77E000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-7695f4b84d-gb9sd
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
cf-ray
827761139e491b94-DUB
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
16cc99cad9524df10d0054894b8077353ed0045aa3fb5587e8e1d31fa0852ab1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
48315cbb.a38c2fd
date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
16,184.51.148.204
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=8, inner; dur=4
content-length
1751
pragma
no-cache
server
nginx
x-tt-logid
202311171044341E770C3DC79159F14B23
x-cache-remote
TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.220.104.219
x-tt-trace-host
018b9ce44e0c487113b05e27c266db62bc72ebaafb67e3bc46a7c028ac379a69b6f77496c8abd837ab89b9ddad3bd3c9ed5eb6d47d904a91207762cefe8725da40ad6854103f94de2e34a027d01c3b1fb2437495b856ee369550e07c630098a60f43846674a228bcd0d1c169ee3b8e1e67
expires
Fri, 17 Nov 2023 10:44:34 GMT
widget.js
wchat.freshchat.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wchat.freshchat.com/js/widget.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-199-76.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
w.js
static.woopra.com/js/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.woopra.com/js/w.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
9213bf77e387d83295bc8f3fbedd1f0d95601ab5f0a1f1b8927af599531c2b23

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
18349
x-cache
HIT, HIT
content-length
12997
x-served-by
cache-iad-kjyo7100087-IAD, cache-lga21961-LGA
last-modified
Thu, 02 Nov 2023 23:29:38 GMT
server
Apache/2.2.15 (Red Hat)
x-timer
S1700217874.455570,VS0,VE0
etag
"21dbc-94f0-60933c2eb33ac"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-cache-hits
2, 41
ntag.js
www.nivaai.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivaai.com/ntag.js?id=6249ec2b-9496-41ca-97c0-e50802176b13
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b04ba4d5260643ffb3391278327417e0ee2b05220260770cb6a21b1fd148dbd6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1::glbvv-1700217874460-4bf501f0f307
age
2403353
x-matched-path
/ntag.js
etag
W/"1f6e22d85d1b46e955d4656374f1b52e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="ntag.js"
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:800::1726:a84a Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33742
accept-ranges
bytes
content-length
3272
280638974420595
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/280638974420595?v=2.9.138&r=stable&domain=auth-staging.paystubs.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c4fe844b18496bf0be2ed42cc178e8039788647be2793f00a8e7972c69204ad
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Nov 2023 10:44:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
2S/6gAk3W5WfBZG+3iMNcAjcpcJh92593Hlquo2v7y1v4irMky3l+rSDtuBNIres2Czq3dK7xd1eltxJ7vXSKw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
web
edge.fullstory.com/s/settings/MCM6B/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/MCM6B/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:43:46 GMT
content-encoding
gzip
age
48
x-guploader-uploadid
ABPtcPobu1MGyulRbnvzWc8gz6Akw4-BsbpXTq72S8OuO_wuq36IeYFBgCl56uI_JDXeHgfU3NqjdHnjXBEsRJtE8r0SVkwHfuUr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1322
last-modified
Fri, 17 Nov 2023 10:41:29 GMT
server
UploadServer
etag
"8c624d63898c6c0210d83822fe8b840e"
x-goog-generation
1699625489541167
x-goog-hash
crc32c=zVN12Q==, md5=jGJNY4mMbAIQ2Dgi/ouEDg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1322
accept-ranges
bytes
content-type
application/json
expires
Fri, 17 Nov 2023 10:58:46 GMT
/
www.woopra.com/track/ce/ 		0
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woopra.com/track/ce/?project=paystubs.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&cookie=1uI6b1REsJIU&event=pv&timeout=600000&idptnc=c35an4fCEOzj&ce_url=%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&ce_title=Sign%20In%20with%20Auth0&ce_domain=auth-staging.paystubs.com&ce_uri=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&ce_scroll%20depth=1&ce_returning=false
Requested by
Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.95.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.95.55.162.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/javascript; charset=utf-8
tr
api.nivaai.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nivaai.com/tr?command=config&na=4d069421-8294-40fc-9f9b-fa1b4b78762e&ntag=6249ec2b-9496-41ca-97c0-e50802176b13&pathname=/login
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-59.phl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-trace-id
Root=1-65574412-72ae39ee6ff4d13e1dc0baa1;Sampled=0;lineage=fc8b8e8b:0
x-amzn-requestid
3fae6c2a-1df6-48f5-a780-4e34e18a45c4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
OieS8F6fIAMEqRA=
content-length
0
x-amz-cf-id
xd-Uw_tVThXJG_rPlTrJauUZj7EkB2SNV3GdbE6NGmILcTMlrnwV0g==
access-control-allow-headers
*
setuid
secure.adnxs.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://secure.adnxs.com/setuid?entity=52&code=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
an-x-request-uuid
b4c63f94-7bda-4340-8697-023dd697d311
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.134; 5.181.234.134; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
8cccbf37-28d8-43e6-a632-e61dca788594
x-amzn-trace-id
Root=1-65574412-383185cc3a3cf7484adc94c3;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://secure.adnxs.com/setuid?entity=52&code=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8F6eoAMEqRA=
content-length
0
x-amz-cf-id
uYEAn-tfiSbR25HSdpXqnwNrGcw20IY6KQqgPnhfJB09ranwm7BdiA==
access-control-allow-headers
*
sync
x.bidswitch.net/
Redirect Chain
  • https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
da079292-5b1b-4ead-812c-3f79619313ed
x-amzn-trace-id
Root=1-65574412-1bd9d2683ef86fe963dc79f2;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
access-control-allow-origin
*
x-amz-apigw-id
OieS8F8vIAMEccQ=
content-length
0
x-amz-cf-id
3axEBNImbmhTqHfoNwUEUfc1TXNWSUMhuSTQ1tomlO5Uj2RKeU3nSw==
access-control-allow-headers
*
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://sync.outbrain.com/cookie-sync?p=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&initiator=partner
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&initiator=partner
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache
X-TraceId
7365d27f5abb3fdbc4e434bd9e1f1f9b
Content-Length
0

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
45882269-cfdd-4cde-aae9-70ca4314c659
x-amzn-trace-id
Root=1-65574412-47e93b5a296c8cda68cc273d;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync.outbrain.com/cookie-sync?p=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&initiator=partner
access-control-allow-origin
*
x-amz-apigw-id
OieS8FT1oAMEeYg=
content-length
0
x-amz-cf-id
m5j6XB60lpADB8fRX8K84GfjlEPftL48KCqn1pWFA4ssJoXCeh-Q6w==
access-control-allow-headers
*
sync.htm
ade.clmbtech.com/uid/
Redirect Chain
  • https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=4d069421-8294-40fc-9f9b-fa1b4b78762e
68 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
2600:141b:1c00:1d::172c:cb04 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Fri, 17 Nov 2023 10:44:34 GMT
x-content-type-options
nosniff
server
Bhoot
x-frame-options
sameorigin
content-type
image/jpeg
x-upstream
172.29.17.240:80
content-length
68
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
1a1f7f7b-d687-4815-94e9-95c0453c32d7
x-amzn-trace-id
Root=1-65574412-25b9d441642ff60460ed26ec;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8EvtoAMEnIg=
content-length
0
x-amz-cf-id
iZgrFo1S2BgDhKgN_60p4r3F_HAqjAUL5E7SMnzKL0sfzQG7CGY9vg==
access-control-allow-headers
*
pixelCt.tpmn
ad.tpmn.co.kr/
Redirect Chain
  • https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=4d069421-8294-40fc-9f9b-fa1b4b78762e
170 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary
accept-encoding
content-type
image/png;charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
6c714392-dde7-4000-b318-f25bf5541f75
x-amzn-trace-id
Root=1-65574412-51bee356156e8c2f1f5dec65;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8EtPoAMEqeg=
content-length
0
x-amz-cf-id
oAat3MUIOYDEvp3KUb8yNLswwTxvnNct-YLkwsJxqKCcCl69qAQ44Q==
access-control-allow-headers
*
sync
x.bidswitch.net/
Redirect Chain
  • https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
54e76eb2-449c-4a38-b4ec-053aafd134c0
x-amzn-trace-id
Root=1-65574412-5a9c9a24391587414763ca33;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://x.bidswitch.net/sync?dsp_id=46&user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
access-control-allow-origin
*
x-amz-apigw-id
OieS8FyVIAMEowg=
content-length
0
x-amz-cf-id
O-9gvr4TWINXaiPEcQi8S7THoiGQWcjHcdgQEO8ShGThnxbdRoHvcQ==
access-control-allow-headers
*
cookiematch.aspx
dis.criteo.com/dis/rtb/google/
Redirect Chain
  • https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
423998
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=4d069421-8294-40fc-9f9b-fa1b4b78762e&google_gid=CAESEEDZxXt_ilPyAeMk9YNcdWo&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/
Redirect Chain
  • https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3715516230670867889
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3715516230670867889
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
392946
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
an-x-request-uuid
26b979ca-8acb-4b2c-a109-aa049a0fea3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3715516230670867889
x-proxy-origin
5.181.234.134; 5.181.234.134; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync-criteo.ads.yieldmo.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://sync-criteo.ads.yieldmo.com/sync?id=4d069421-8294-40fc-9f9b-fa1b4b78762e&pn_id=criteo&ext=1
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=4d069421-8294-40fc-9f9b-fa1b4b78762e&pn_id=criteo&ext=1
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
18.204.84.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-84-59.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
bf8c1ab6-c8f5-4fc2-9991-1c1f61331d01
x-amzn-trace-id
Root=1-65574412-7df688b37c77bd9d3f555b9b;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync-criteo.ads.yieldmo.com/sync?id=4d069421-8294-40fc-9f9b-fa1b4b78762e&pn_id=criteo&ext=1
access-control-allow-origin
*
x-amz-apigw-id
OieS8Gb7oAMEcrw=
content-length
0
x-amz-cf-id
KfuYYzO_ybvr-Vc4I9hDwVytLt2e1aNSyDaG9TGR5uYvfnhqNTW4Xg==
access-control-allow-headers
*
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/
Redirect Chain
  • https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4d069421-8294-40fc-9f9b-fa1b4b78762e
0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1995

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
e6908ead-9ea1-457b-863f-fd0513b589e2
x-amzn-trace-id
Root=1-65574412-2887130d63b09fe3553f2aa4;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8Gr8oAMEu0Q=
content-length
0
x-amz-cf-id
DwE6p5ShkIj1Jec5bW7oWFnn0TzNnyFmuAaeqa30BixcvNxcU0zomg==
access-control-allow-headers
*
sync
criteo-partners.tremorhub.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://criteo-partners.tremorhub.com/sync?UICR=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
2600:1f18:612b:4280:16a1:69e3:4d3c:d7f4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 17 Nov 2023 10:44:34 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
1f9f74f9-547f-46c6-925c-b0be3c21bc7c
x-amzn-trace-id
Root=1-65574412-457e0e5234ba1fa136d91bc4;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://criteo-partners.tremorhub.com/sync?UICR=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FhpIAMEs0Q=
content-length
0
x-amz-cf-id
wYTMcdGKoOxinpL3dFYunRC19FpdxwQUqrWTOz--lVtpM8zM0nirkw==
access-control-allow-headers
*
cksync.php
contextual.media.net/
Redirect Chain
  • https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=4d069421-8294-40fc-9f9b-fa1b4b78762e
53 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 10:44:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 10:44:34 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
941c1ad4-872a-4de6-9fc8-45a95b1cd716
x-amzn-trace-id
Root=1-65574412-3244b3bd192a73cc407d010e;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8EsPIAMEMig=
content-length
0
x-amz-cf-id
3CnZyEdesW-IHTelFAIxZaLzfE8s6ISbF9q4Oc46eMxXTeDIOAoaZw==
access-control-allow-headers
*
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
d22592cc-957c-4427-bd3f-051983289697
x-amzn-trace-id
Root=1-65574412-6f471ca575eb18d55000378e;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=4d069421-8294-40fc-9f9b-fa1b4b78762e&expires=30
access-control-allow-origin
*
x-amz-apigw-id
OieS8EbloAMEBxw=
content-length
0
x-amz-cf-id
0C9Mt0OVnyZE5mY-ZriMthHuLdxESJoWIGeyRWXPLvLaQENOiwODzA==
access-control-allow-headers
*
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
52.201.115.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-115-137.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
d13cb1ca-cbe4-4ade-8c98-330c97b36ebe
x-amzn-trace-id
Root=1-65574412-1a0cdf65611b441b388349fd;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FjlIAMErsA=
content-length
0
x-amz-cf-id
N8nkyWOZDS_mKbr_T0pWtoPGvsvAL_tc9yHoCppa8MI06x2JPQE1Og==
access-control-allow-headers
*
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
216.22.16.41 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
56f57d0f-90ed-40a6-af3d-c61bd25b7f64
x-amzn-trace-id
Root=1-65574412-73fd355b6150be5119bf5459;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8HVzIAMENzQ=
content-length
0
x-amz-cf-id
imJFr0-Yfmh0P2cBhU-VxaKzgkZH9hYCqEKPIN8VwCMyhDi3emtUsQ==
access-control-allow-headers
*
um
criteo-sync.teads.tv/
Redirect Chain
  • https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://criteo-sync.teads.tv/um?eid=80&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
23.56.163.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 10:44:34 GMT
pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
7f6645c2-0a02-4e2f-a605-775e0fbba210
x-amzn-trace-id
Root=1-65574412-2f8e896126de5a176965a55b;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://criteo-sync.teads.tv/um?eid=80&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8HGrIAMEk9g=
content-length
0
x-amz-cf-id
GSVXxXQKnVGnqu8znBIB5S-CVdDZjGUogeQi84Vzmz9BdcdtUsuO6Q==
access-control-allow-headers
*
xuid
eb2.3lift.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://eb2.3lift.com/xuid?mid=2711&xuid=4d069421-8294-40fc-9f9b-fa1b4b78762e&dongle=013b
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=4d069421-8294-40fc-9f9b-fa1b4b78762e&dongle=013b
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
983e4526-d1b6-4be7-ba81-a88c54f20c3d
x-amzn-trace-id
Root=1-65574412-5565566656cdc65115627e07;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://eb2.3lift.com/xuid?mid=2711&xuid=4d069421-8294-40fc-9f9b-fa1b4b78762e&dongle=013b
access-control-allow-origin
*
x-amz-apigw-id
OieS8EdRoAMEARQ=
content-length
0
x-amz-cf-id
QLZAW2rnRK_wzw3azsmCFt9Fg1NF8n8pcrHuO5vQDxkF_HLzhX7quw==
access-control-allow-headers
*
sync
ups.analytics.yahoo.com/ups/58301/
Redirect Chain
  • https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
a56809b0-bf61-4028-b089-a90809e6ed15
x-amzn-trace-id
Root=1-65574412-5aefdc9e0d00de6743412890;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8GAVoAMENrw=
content-length
0
x-amz-cf-id
SxTHX-kdKwJEBPYzWVlDMMXOxyO0LYN_qh-RMEIUte5la2h6Nf-88w==
access-control-allow-headers
*
idsync
tg.socdm.com/aux/
Redirect Chain
  • https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
0
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
124.146.153.170 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Fri, 17 Nov 2023 10:44:34 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=niva&dsp_uid=4d069421-8294-40fc-9f9b-fa1b4b78762e","cluster_id":0,"gdpr":false,"ipv4":"5.181.234.134","key":"ZVdEEsCo8YwAAJN0OIMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40367"}
X-SO-Key
ZVdEEsCo8YwAAJN0OIMAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40367
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
a-ad40367.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-IP
5.181.234.134

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
5cd17a1b-8137-434f-a602-4c3134b236b2
x-amzn-trace-id
Root=1-65574412-305537747f353e3576406693;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FoNIAMEIgQ=
content-length
0
x-amz-cf-id
bFUxSMNtuyy957aWsBX4GR0z0lDyHHzmnTv66VHKhDaoLbKxcMIuow==
access-control-allow-headers
*
sync
visitor.omnitagjs.com/visitor/
Redirect Chain
  • https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=4d069421-8294-40fc-9f9b-fa1b4b78762e
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
3.138.212.158 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-212-158.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
782c0e38-bedb-4608-89cf-fe7facabec02
x-amzn-trace-id
Root=1-65574412-4b2c02ae02fa667923b5989e;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FfooAMEiJg=
content-length
0
x-amz-cf-id
-59RdCVeUijauYck0xfdJrPAT3zqRu1Nl0_FeW8uYIuphq7MFNwVuA==
access-control-allow-headers
*
rum
r.casalemedia.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSFoeph6ecmJmOL%2FhX5liKvFjjtol74rMH3sseaYW8WsSq6%2BC3cpEwftcbwFGu9Fb9%2BIU1m3Fzb95%2BaukB%2BQHWtwefb7FRoubz6%2FMSECnTzakrUmRHbljcnFAHJpKbiMNbD9"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827761142d2e4201-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
8e4626a0-3a21-4fe2-8a8b-6c7643ae9e50
x-amzn-trace-id
Root=1-65574412-60f03b9a789a2b503bc05a40;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8ElAIAMEG7w=
content-length
0
x-amz-cf-id
REpQN5W6C_lsfutP_1bLw-OKn2tg5RSQDyP3yhpioTXE6hfRVhf4pA==
access-control-allow-headers
*
/
partner.mediawallahscript.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&custom=&tag_format=img&tag_action=sync&cb=
0
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&custom=&tag_format=img&tag_action=sync&cb=
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
184.73.254.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-254-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
82c46610-d707-489a-923e-1404861177f2
x-amzn-trace-id
Root=1-65574412-02bde60013752a0a3da21120;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e&custom=&tag_format=img&tag_action=sync&cb=
access-control-allow-origin
*
x-amz-apigw-id
OieS8FDmIAMEJFg=
content-length
0
x-amz-cf-id
YWFJkVYgijZhxwtRwDXZHqh0Ehiv34ThQKO458v2ppd9_qJ7NsY03g==
access-control-allow-headers
*
match
ad.360yield.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
44.197.77.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-77-254.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 10:44:34 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
3b8042bf-c4a5-42dd-9782-a479e9efcece
x-amzn-trace-id
Root=1-65574412-67d7feb565f91ff857332280;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FJnoAMET9A=
content-length
0
x-amz-cf-id
Fy8SDEcXp549l_SIldxtcseD4Mc7Q8MtEH-mNSaqxgRq1SsLONQwOg==
access-control-allow-headers
*
sync
matching.ivitrack.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://matching.ivitrack.com/sync?realm=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:33 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
13ded223-9d90-4c8d-a3cb-6d7c5c9951bc
x-amzn-trace-id
Root=1-65574412-304d69ab2e2d9f2c741fd8dd;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://matching.ivitrack.com/sync?realm=niva&uid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FwRoAMECZg=
content-length
0
x-amz-cf-id
OHDQI7F7xpDf5zfODVz49rifL08psTEh5s4ramBUk6PuNTxFD0uvGQ==
access-control-allow-headers
*
35759
i6.liadm.com/s/
Redirect Chain
  • https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3425455830206429616
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:f0c6:ec14:4b0d:2411 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=696d5bcb-a0c4-4453-a036-7af42f9a45d1
Date
Fri, 17 Nov 2023 10:44:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
push
exchange.mediavine.com/usersync/
Redirect Chain
  • https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=4d069421-8294-40fc-9f9b-fa1b4b78762e
0
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
3.211.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-29-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
40476211-a1ac-4873-9204-72b534812974
x-amzn-trace-id
Root=1-65574412-09448a6064d35aff36934308;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8FvpIAMEpkQ=
content-length
0
x-amz-cf-id
eNJniVVeSYUGa1mGupWyBgPSBTdZs5o97U_GryUhnbR4YcoZfUFfYA==
access-control-allow-headers
*
c.gif
c.bing.com/
Redirect Chain
  • https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=4d069421-8294-40fc-9f9b-fa1b4b78762e
42 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F738C4A0B8C541E09E3A1A5A5411BE9F Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:34Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
6d6d4464-a41a-4946-a33b-c7a58e7c6602
x-amzn-trace-id
Root=1-65574412-0f0feb034ae8eb5f101827b8;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8HodoAMEE5Q=
content-length
0
x-amz-cf-id
GrSuNeG5trXfMBtVhM66FMwq4h3vCIlo0cyIyCQgQRAMXOairnYYoA==
access-control-allow-headers
*
1017
jadserve.postrelease.com/suid/
Redirect Chain
  • https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=4d069421-8294-40fc-9f9b-fa1b4b78762e
  • https://jadserve.postrelease.com/suid/1017?vk=4d069421-8294-40fc-9f9b-fa1b4b78762e
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=4d069421-8294-40fc-9f9b-fa1b4b78762e
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Server
3.232.219.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-219-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 10:44:34 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
51ef82b0-6bd4-4ed4-8577-5b2ad2457643
x-amzn-trace-id
Root=1-65574412-095f745463bdfa88428c5483;Sampled=0;lineage=fc8b8e8b:0
x-cache
Miss from cloudfront
content-type
application/json
location
https://jadserve.postrelease.com/suid/1017?vk=4d069421-8294-40fc-9f9b-fa1b4b78762e
access-control-allow-origin
*
x-amz-apigw-id
OieS8HUUoAMEZJg=
content-length
0
x-amz-cf-id
HpBkzda0xpE75HzbHX1NTHtUuWDsLenE128PtryaJKsd-STX-pY9rQ==
access-control-allow-headers
*
main.MTdjYzNiZDU2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		417 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
a38c31d
date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110908143792A24FFEC9F8D8E5356B
vary
Accept-Encoding
x-cache
TCP_HIT from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01104831bbfb6b196ae59a850efc0b1bb80b1bc8e4459f5098496b7b833e45623bdab569a2e3c4bcd1ca95795a0bd2933a6fc4d09a63d79fff2a2b168cd13c9f1b6e0c8d7949ecd56813a8f684cb6729be5491ed8b9100be2539c863eecee2f33d
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length
110602
211021221.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211021221.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a9ae3d49c9ea02f3915ad9c400addeefabaa073c58a17cedab13334b6db9a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 17 Nov 2023 10:44:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B331E3036E3641CC8566396F03765200 Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:34Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211021221&tm=gtm002&Ver=2&mid=46dc2463-ee2d-4718-bcb1-584b84672fb2&sid=4b66a7d0853611ee8e608d8f3c685772&vid=4b66ea30853611ee854845245e079cb5&vids=0&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20with%20Auth0&p=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&r=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&lt=1125&evt=pageLoad&sv=1&rn=809967
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 10:44:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 23C97FB1A30948F5AC2C081B3DC7B895 Ref B: EWR30EDGE1406 Ref C: 2023-11-17T10:44:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11223038493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11223038493/?random=1700217874444&cv=11&fst=1700215200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM&ref=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&fmt=3&is_vtc=1&cid=CAQSKQDICaaNC3_HdYs_yew5xgmdntmKjD-oxBA02iuqkUkBzDpHWv2aGu-L&random=1386607341&rmt_tld=0&ipr=y
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
rs.fullstory.com/rec/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
caa7941d9aaa93375c7bc8a681a3d6431b5975254c0630471cecb2fef043b227

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth-staging.paystubs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
211021221
www.clarity.ms/tag/uet/ 		692 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/211021221
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/211021221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5f8a659ee9bc475773c7d3b015253bc346f88416a728d81a03ab9d29c1f8e28

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Fri, 17 Nov 2023 10:44:34 GMT
x-azure-ref
20231117T104434Z-by9apsnpnx1bbfk29mc36yrfbs00000001u0000000001nen
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
692
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
banner.js
js-eu1.hs-banner.com/v2/139577915/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/v2/139577915/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762d414bf2714b6fe76639bc1fbcc33aa9ba3864ca7fde6659cb84742b064fc2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
x-amz-version-id
aBUAtUHU47qpA0dGyZw_4AJxLA7wBeFR
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
685TFCKTZ2AXY395
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7c3dd653-1df9-497a-928c-cafa8ad3ddc6
age
34
x-envoy-upstream-service-time
54
x-amz-id-2
mM2jP2Dn4KsVL2f9DcFX8znt7GgFVuUQOFenBGt8kzaFsuSjTMtMjzTl49CStOyMHXnz13ObGRQ=
x-evy-trace-listener
listener_https
x-request-id
7c3dd653-1df9-497a-928c-cafa8ad3ddc6
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 18 Oct 2023 18:58:40 GMT
server
cloudflare
etag
W/"2b95f3416152c0ff9c468601d615a158"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
vary
origin, Accept-Encoding
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-6bfd96c9d5-v5rkj
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8277611479c956e5-DUB
expires
Fri, 17 Nov 2023 10:49:00 GMT
fb.js
js-eu1.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
x-amz-version-id
MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
459
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=81ebe2c3589a34fb-DUB
x-cache
Hit from cloudfront
x-hubspot-correlation-id
0d4de842-e951-4767-93da-087a052c939d
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
6
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0d4de842-e951-4767-93da-087a052c939d
last-modified
Fri, 27 Oct 2023 13:56:49 UTC
server
cloudflare
etag
W/"14edbc97b72939e54b0993394190ecf8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
cf-ray
827761147f191b88-DUB
x-amz-cf-id
vwE3P1MlSOUGDDdxEF73hv2aGk4vH2dWsBAjLg-d59wMG4MTPSUpEQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.494/bundles/pixels-release.js
collectedforms.js
js-eu1.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://auth-staging.paystubs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
x-amz-version-id
XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1dbe0eac-d5d3-4303-9c49-b6e88299a523
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=823e0c217ba134f5-AMS
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1dbe0eac-d5d3-4303-9c49-b6e88299a523
last-modified
Mon, 23 Oct 2023 13:11:34 UTC
server
cloudflare
etag
W/"7864f8fd485be672e98358eb894b6fd7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6bf864b4cf-8nzrq
cf-ray
827761147c129582-DUB
x-amz-cf-id
FuinHjs6Kys45QuaiY-Lh7Neze-_WuTgDp3d4miR8DwxAld-GdnHdA==
x-hs-target-asset
collected-forms-embed-js/static-1.433/bundles/project.js
139577915.js
js-eu1.hs-analytics.net/analytics/1700217600000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1700217600000/139577915.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fa502aa6e698f52859119ae625a5eb218eb7d144c97a7e48fb3bf7cee4825a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
NPTE8YB218F7HZJK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
74e9ca75-7cd6-4493-8be8-218706ba7b51
age
34
x-envoy-upstream-service-time
21
x-amz-id-2
Q8kZ/h01W8J2Op5ZSDyqTPys7czQD5YQnenNB6dKTs07T3zrZcbenQ2pf9V3Op7t7Z46sleJ1S4=
x-evy-trace-listener
listener_https
x-request-id
74e9ca75-7cd6-4493-8be8-218706ba7b51
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 Nov 2023 17:37:36 GMT
server
cloudflare
etag
W/"47bdb8ef1d8750ec8799b9327e2b590f"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-685c9bd749-n4wfp
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
827761147e9f56fd-DUB
expires
Fri, 17 Nov 2023 10:49:00 GMT
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id
a38c32e
date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110908143792A24FFEC9F8D8E53570
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01104831bbfb6b196ae59a850efc0b1bb80b1bc8e4459f5098496b7b833e45623bdab569a2e3c4bcd1ca95795a0bd2933a6243b2bf3b03dec8e7f9480c4ff92f4eef2ac59b732af75cecf7d85a95aa600d62739369400d06f9a9ac5dc91e98c94c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
36076
pixel
analytics.tiktok.com/api/v2/ 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
28fb798.a38c333
date
Fri, 17 Nov 2023 10:44:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
50,184.51.148.204
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=42, inner; dur=35
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231117104434A1B4D155E2106E81FEA2
x-cache-remote
TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
42,23.220.104.198
x-tt-trace-host
018b9ce44e0c487113b05e27c266db62bc72ebaafb67e3bc46a7c028ac379a69b671c15adfffadab2d62841308f8060ddba25b789ecb2b383c8be35441a1d561acdb3ebb1d256da24003ea11d8b9ee7dd35815c522abd5e6c9df8befd861e15aaf39234d4a016c4f15b5acfd523873c88d
access-control-allow-headers
Authorization,*
expires
Fri, 17 Nov 2023 10:44:34 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=280638974420595&ev=PageView&dl=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&rl=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&if=false&ts=1700217874625&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1700217873812.1644726128&ler=other&it=1700217874497&coo=false&tm=1&rqm=GET
Requested by
Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 Nov 2023 10:44:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.13/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211021221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
last-modified
Tue, 17 Oct 2023 11:58:02 GMT
etag
W/"0x8DBCF0850CC9F3D"
vary
Accept-Encoding
x-azure-ref
20231117T104434Z-by9apsnpnx1bbfk29mc36yrfbs00000001u0000000001net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
108a9dd9-101e-0065-498d-18809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
v.clarity.ms/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin
Access-Control-Allow-Origin
https://auth-staging.paystubs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
act
analytics.tiktok.com/api/v2/pixel/ 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.208 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
22eecd56.a38c379
date
Fri, 17 Nov 2023 10:44:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-148-204.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
27,184.51.148.204
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=19, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023111710443464126380D3E084A18408
x-cache-remote
TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.220.104.202
x-tt-trace-host
018b9ce44e0c487113b05e27c266db62bc72ebaafb67e3bc46a7c028ac379a69b6341249fce4613d14a7b02c1517c83dfe71dc56c9a96684a5341f3facd4e314cd3e1f12c6f75b66b83f4d4133dde25ca2898e0fbc3c504b5d4fc81f2ca0a4850c356f7720dcfbb63882fd0f64d992e4ee
access-control-allow-headers
Authorization,*
expires
Fri, 17 Nov 2023 10:44:34 GMT
json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		117 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=139577915
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bdda36dcff1675fc2c5a6db3302e6a3b5addb65fc342cb59ad10ebb2a29661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9fe1c4fb-69c3-4963-b65e-47e0edbc42a4
content-encoding
br
x-envoy-upstream-service-time
16
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9fe1c4fb-69c3-4963-b65e-47e0edbc42a4
server
cloudflare
x-trace
2BB7A57586FD2482BEEE5D00D9C64A8B9366925305000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://auth-staging.paystubs.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-7695f4b84d-54t25
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRh1Xer%2FIy5sCY2tguk9e6Jiexc%2Ff1HyVZvIzA1r3W%2FBpc911NIYmUySF%2FbZpbOeXtouUIhOppjDcpdQxS%2FIpy3cwXUDoAo6nXVUXFmZfePJ0iUhveZR8su7GMUEUHCukw6%2Bm7NiSnJ9Gv5Yy7CFGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
827761175f691b96-DUB
access-control-allow-headers
*
collect
v.clarity.ms/ 		0
325 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 17 Nov 2023 10:44:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin
Access-Control-Allow-Origin
https://auth-staging.paystubs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 		117 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=139577915&utk=
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52849fa881a24ed0355833bb931e752f4e992ceb77b2dfd878874f4e4166ee2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
20bfbce9-b229-42f1-9f34-d28df546d0ca
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
20bfbce9-b229-42f1-9f34-d28df546d0ca
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://auth-staging.paystubs.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-7b8bd784bd-l92zw
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
827761165f6c9582-DUB
frame.html
dntcl.qualaroo.com/ Frame 08AC 		323 B
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
59ad1d6ac4466e9a1d1669b81f7ff238
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 10:44:34 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
challenge
auth-staging.paystubs.com/usernamepassword/ 		18 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-staging.paystubs.com/usernamepassword/challenge
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Auth0-Client
eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOC4xIn0=
Referer
https://auth-staging.paystubs.com/login?state=hKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=X1lfdVBiWTM4Lm9%2BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%3D%3D&code_challenge=zcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
ca3359cb18b4d77e4bf7
alt-svc
h3=":443"; ma=86400
content-length
18
server
cloudflare
etag
W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
x-ratelimit-remaining
99
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset
1700217876
x-ratelimit-limit
100
cf-ray
82776116aa83435c-EWR
widget.js
paystubs-help.freshchat.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://paystubs-help.freshchat.com/js/widget.js
Requested by
Host: pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
URL: https://pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.64.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=220916345&v=1.1&a=139577915&r=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&pu=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&t=Sign+In+with+Auth0&cts=1700217874988&vi=adcab43964f19a580c57fb1144acc1d3&nc=true&u=125208469.adcab43964f19a580c57fb1144acc1d3.1700217874985.1700217874985.1700217874985.1&b=125208469.1.1700217874985&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
737cef6a-9dfb-4eb4-890f-0ce6b35d85e7
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
737cef6a-9dfb-4eb4-890f-0ce6b35d85e7
last-modified
Fri, 17 Nov 2023 10:44:35 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NawBX9xG8CcOEUfqb0S61QUBAu48PGxEkyxry9Pauk7zn978Klrc2KjMSd3sj0vzZuVGLMSpDkk0PfYkIBDaoVvMv2xcuiV3wbDrfn2wQn2BZX%2FbNP8HYqG%2F9dzcabzEB1Dkf8UWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-c45b89896-h6gkd
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
827761186e17711e-DUB
x-robots-tag
none
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 10:44:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
78c0d2cd-b64e-4e5e-8f79-cb553c3c4f23
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
78c0d2cd-b64e-4e5e-8f79-cb553c3c4f23
Server
cloudflare
X-Trace
2B9154C1E21B275516F5FF4AC5C1B62D6A3C693FE7000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-6974cf5977-5t9q2
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
82776118af571b95-DUB
collect
gtm.paystubs.com/g/ 		65 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.paystubs.com/g/collect?v=2&tid=G-MDB3MHPDXM&gtm=45je3b81v9117494111z89116618575&_p=1700217874301&gcd=11l1l1l1l1&dma=0&cid=2078854251.1700217874&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.gcd=11l1l1l1l1&sst.tft=1700217874301&_s=1&sid=1700217873&sct=1&seg=1&dl=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM4Lm9%252BTmZMOFdwelRMLUdXMmxWTVk5MWE5TTNmcFZUd2FEZA%253D%253D%26code_challenge%3DzcIlWtRxGh0zPkiS7nZgWPd_KjSmL8pXyFLkE7ZYnX0%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&dr=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&dt=Sign%20In%20with%20Auth0&en=page_view&ep.timestamp=2023-11-17%2000%3A44%3A34&tfd=1869&richsstsse
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://auth-staging.paystubs.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11223038493
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6dd7d896b85ad3a10e5c19231f20df4d77e39b82b2869cb30b4b59daa3f8a6eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81634
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 10:44:35 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11223038493&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60266cddb2a9636c88b651f5c0fe511dcfefb8656d66286e93eb10f5b04b3869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81642
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 10:44:35 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1700217875299&cv=11&fst=1700217875299&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM&ref=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20with%20Auth0&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=308205673.1700217873&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11223038493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0ae1ff2feff6337bd3f009b4dbe34d17d0124f7c20e013eb66fa522f7307a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1626
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11223038493/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11223038493/?random=1700217875299&cv=11&fst=1700215200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBTRFBGLXc2djM3em1zV0tTWFFwVzlJUi1TcE94WHpIUaFupWxvZ2luo3RpZNkgUG9VcGFBa3hUUTVPbWJxZ3BuMFByelcwWFZ2amRZNnGjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DX1lfdVBiWTM&ref=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN1ask3C0iPX-YfExjwqFa8xOU9rORbqVwY7Qk1j-OFsozdqPt&random=3621614746&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 10:44:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=55757608-de0d-4a25-b3df-0bee77c68c31&SessionId=f5f257f2-8e8e-4739-b1b1-814821aff098&PageId=f674159a-be60-4857-88ec-2a901e81bde5&Seq=1&PageStart=1700217874630&PrevBundleTime=0&LastActivity=830
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3abfece5399545e3db71f772b1a3c4698a58475866ba4052b49a38a158cd8b74

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth-staging.paystubs.com
date
Fri, 17 Nov 2023 10:44:35 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gtm.paystubs.com
URL
https://gtm.paystubs.com/g/collect?v=2&tid=G-MDB3MHPDXM&gtm=45je3b81v9117494111z89116618575&_p=1700217872853&gcd=11l1l1l1l1&dma=0&cid=2078854251.1700217874&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.gcd=11l1l1l1l1&sst.tft=1700217872853&_s=1&sid=1700217873&sct=1&seg=0&dl=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&dt=PayStubs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2023-11-17%2000%3A44%3A33&tfd=1501&richsstsse
Domain
www.woopra.com
URL
https://www.woopra.com/track/ce/?project=paystubs.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=wITB377MXqim&event=pv&timeout=600000&idptnc=umizqhXiu3WZ&ce_url=%2Flogin&ce_title=PayStubs&ce_domain=pcom-react-pavlo-jira-fixes.react-dev.paystubs.com&ce_uri=https%3A%2F%2Fpcom-react-pavlo-jira-fixes.react-dev.paystubs.com%2Flogin&ce_scroll%20depth=0&ce_returning=false
Domain
ade.clmbtech.com
URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=0763cc37-537a-49dd-812f-59ca3bb254e5
Domain
ad.tpmn.co.kr
URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=0763cc37-537a-49dd-812f-59ca3bb254e5
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=0763cc37-537a-49dd-812f-59ca3bb254e5&expires=30
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=0763cc37-537a-49dd-812f-59ca3bb254e5
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f77e269f-04f2-4079-b9ab-5d3768580996
Domain
jadserve.postrelease.com
URL
https://jadserve.postrelease.com/suid/1017?vk=0763cc37-537a-49dd-812f-59ca3bb254e5
Domain
js-eu1.hs-banner.com
URL
https://js-eu1.hs-banner.com/v2/139577915/banner.js
Domain
js-eu1.hsadspixel.net
URL
https://js-eu1.hsadspixel.net/fb.js
Domain
js-eu1.hscollectedforms.net
URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Domain
js-eu1.hs-analytics.net
URL
https://js-eu1.hs-analytics.net/analytics/1700217600000/139577915.js
Domain
v.clarity.ms
URL
https://v.clarity.ms/collect
Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=55757608-de0d-4a25-b3df-0bee77c68c31&SessionId=f5f257f2-8e8e-4739-b1b1-814821aff098&PageId=3cf7eb5c-7cb3-40c7-800b-b47f3eeb416e&Seq=1&PageStart=1700217873838&PrevBundleTime=0&IsNewSession=true&SkipResponseBody=true
Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=211021221&tm=gtm002&Ver=2&mid=5fcb9008-00bb-4397-b2f9-0bd9bc1fcdad&sid=4b66a7d0853611ee8e608d8f3c685772&vid=4b66ea30853611ee854845245e079cb5&vids=1&msclkid=N&evt=pageHide
Domain
www.woopra.com
URL
https://www.woopra.com/track/push/
Domain
v.clarity.ms
URL
https://v.clarity.ms/collect
Domain
o4505159641530368.ingest.sentry.io
URL
https://o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/?sentry_key=66b3d6bc5f5b4ac5ad1fdb2e4933582b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.77.0

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| auth0 object| dataLayer object| config undefined| leeway undefined| convertedLeeway object| params function| displayError function| show_signup function| show_signin function| show function| hide function| show_sign_up function| hide_sign_up number| pwShown number| pwShowSignUp function| show_forget function| back object| google_tag_manager object| google_tag_data object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| _fbq_gtm_ids object| GooglebQhCsO object| _kiq string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| initFreshChat function| initialize function| initiateCall string| TiktokAnalyticsObject object| ttq object| __woo object| woopra function| ntag object| process function| WoopraTracker function| WoopraLoadScript object| woopraTracker object| KI string| _fs_loaded function| _fs_shutdown function| UET function| UET_init function| UET_push function| lintrk object| ueto_1d275a46f1 object| uetq object| gaGlobal object| _hsp object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| clarity object| clarityuetq boolean| PIXELS_RAN object| enabledEventSettings object| _hsq boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug boolean| _hstc_ran string| __hsUserToken number| expireDateTime

96 Cookies

Domain/Path Name / Value
auth-staging.paystubs.com/usernamepassword/login Name: _csrf
Value: BY1lCwsR6JYo9Fc16sVMaMZu
i.liadm.com/s Name: _li_ss
Value: CiIKBgiiARDCFgoGCNIBEMIWCgUIChDCFgoJCP____8HEMwW
i6.liadm.com/s Name: _li_ss
Value: CgA
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Name: ki_r
Value:
.paystubs.com/ Name: _gcl_au
Value: 1.1.308205673.1700217873
.tiktok.com/ Name: _ttp
Value: 2YIfAoqlf8m6nWwRsk1N61KTQba
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Name: ki_t
Value: 1700217872859%3B1700217872859%3B1700217873496%3B1%3B2
.bing.com/ Name: MUID
Value: 209278712A966AF637626BBD2B3E6BBD
.bat.bing.com/ Name: MR
Value: 0
.pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Name: wooTracker
Value: wITB377MXqim
.paystubs.com/ Name: _ga
Value: GA1.1.2078854251.1700217874
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com/ Name: _na
Value: 0763cc37-537a-49dd-812f-59ca3bb254e5
auth-staging.paystubs.com/ Name: did
Value: s%3Av0%3A4b880e40-8536-11ee-acb2-f50457bc9f4b.TWpmTLhj6JY4BQFDY1V1Wn15Drfxp%2FLJ0Xt%2FLVPDh3M
auth-staging.paystubs.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQO_qasFzDVkMAWjyHCICno8CRJmV89zOqhywz4aydvEnz9Lf2MnB7nf6OXRdwzjV4EBfUA07t1QzJ3pTvGkrJEGmY29va2llg6dleHBpcmVz1_-2oO4AZVs4ka5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.urnM7KLwYaQtgH1xqSVsvU9GazzgS2opCdQzkiL8tO0
auth-staging.paystubs.com/ Name: did_compat
Value: s%3Av0%3A4b880e40-8536-11ee-acb2-f50457bc9f4b.TWpmTLhj6JY4BQFDY1V1Wn15Drfxp%2FLJ0Xt%2FLVPDh3M
auth-staging.paystubs.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQO_qasFzDVkMAWjyHCICno8CRJmV89zOqhywz4aydvEnz9Lf2MnB7nf6OXRdwzjV4EBfUA07t1QzJ3pTvGkrJEGmY29va2llg6dleHBpcmVz1_-2oO4AZVs4ka5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.urnM7KLwYaQtgH1xqSVsvU9GazzgS2opCdQzkiL8tO0
.paystubs.com/ Name: _fbp
Value: fb.1.1700217873812.1644726128
www.clarity.ms/ Name: CLID
Value: 817093307c4e467db267a8aecdd453cb.20231117.20241116
.paystubs.com/ Name: _tt_enable_cookie
Value: 1
.paystubs.com/ Name: _ttp
Value: iIRp_lpy3qM6JLuAEBeTKG9O0Br
.c.bing.com/ Name: MR
Value: 0
.adnxs.com/ Name: uuid2
Value: 3715516230670867889
.3lift.com/ Name: tluid
Value: 4623741592245038529208
.taboola.com/ Name: t_gid
Value: 4511e293-3cab-4cbf-8ebc-cfe0e27cbbb7-tuctc50c991
.taboola.com/ Name: t_pt_gid
Value: 4511e293-3cab-4cbf-8ebc-cfe0e27cbbb7-tuctc50c991
.doubleclick.net/ Name: IDE
Value: AHWqTUlEt_SNXLS1KB99am5GXHV3zpzesS7S3nkXKdCD0GR1-DPEJ2FJlJ1Hk43NmZ0
.casalemedia.com/ Name: CMID
Value: ZVdEEUTkh-8POUSUHyM1qAAA
.casalemedia.com/ Name: CMPS
Value: 146
.casalemedia.com/ Name: CMPRO
Value: 146
.liadm.com/ Name: lidid
Value: f77e269f-04f2-4079-b9ab-5d3768580996
.tremorhub.com/ Name: tvid
Value: c5210ea2af17457e8e01f739bb5eec84
.mediawallahscript.com/ Name: mCookie
Value: 4bba68e0-8536-11ee-988b-497e77fded25
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.smartadserver.com/ Name: pid
Value: 3664866981126833353
.smartadserver.com/ Name: TestIfCookieP
Value: ok
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%224bbc3da0-8536-11ee-a1b9-a314900d8d8d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%224bbc3da0-8536-11ee-a1b9-a314900d8d8d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%224bbc3da0-8536-11ee-a1b9-a314900d8d8d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%224bbc3da0-8536-11ee-a1b9-a314900d8d8d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
.teads.tv/ Name: tt_viewer
Value: 6f7b64a8-cc92-40b9-badc-e70372ca8753
.media.net/ Name: visitor-id
Value: 3432194730813443000V10
.360yield.com/ Name: tuuid
Value: 05a67351-c6d4-43c3-9f5f-aeb21277944d
.360yield.com/ Name: tuuid_lu
Value: 1700217874
.sharethrough.com/ Name: stx_user_id
Value: 60724ce3-2925-43d8-9cd6-8cadc91a684e
.360yield.com/ Name: umeh
Value: !38,0,1762425874,-1
.yieldmo.com/ Name: yieldmo_id
Value: 3FM4WU7dd47JTOAoKzjS%7C1700179200000%7C0
.yahoo.com/ Name: A3
Value: d=AQABBBJEV2UCEJUtnrpkrDvr_hqZkLI0Lw0FEgEBAQGVWGVhZdxC0iMA_eMAAA&S=AQAAAmrjL_o4slzRcudgTLTZVx0
.c.bing.com/ Name: SRM_B
Value: 209278712A966AF637626BBD2B3E6BBD
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~2f3m
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 209278712A966AF637626BBD2B3E6BBD
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.bidswitch.net/ Name: c
Value: 1700217874
.bidswitch.net/ Name: tuuid_lu
Value: 1700217874
.bidswitch.net/ Name: tuuid
Value: 4e44dc9a-629d-4f61-9a79-a2e821c34912
m.stripe.com/ Name: m
Value: b5f6423f-31d6-4a51-a9c2-dd9881efd467dc1841
.omnitagjs.com/ Name: ayl_visitor
Value: 4be11c501c1043998605e2f046377033
.rezync.com/ Name: zync-uuid
Value: db2db2aa-1ace-483f-b36e-827f244e2e87:1700217874.1285012
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZGIyZGIyYWEtMWFjZS00ODNmLWIzNmUtODI3ZjI0NGUyZTg3OjE3MDAyMTc4NzQuMTI4NTAxMiJ9.ZVdEEg.ldUFnhNsU4knp60U2n1cF5-cNqw
.tpmn.co.kr/ Name: uuid
Value: ec5ecbddc04346349f5323491290aff7
.auth-staging.paystubs.com/ Name: wooTracker
Value: 1uI6b1REsJIU
auth-staging.paystubs.com/ Name: _na
Value: 4d069421-8294-40fc-9f9b-fa1b4b78762e
.paystubs.com/ Name: _uetsid
Value: 4b66a7d0853611ee8e608d8f3c685772
.paystubs.com/ Name: _uetvid
Value: 4b66ea30853611ee854845245e079cb5
.paystubs.com/ Name: _ga_MDB3MHPDXM
Value: GS1.1.1700217873.1.1.1700217874.0.0.0
.adnxs.com/ Name: anj
Value: dTM7k!M4.FD>6NRF']wIg2GTzdUOv'!]tb:8i_il:z!9PUasDqN]RCpSjNv6Sjrt?Q-^AR^'A(8T(ALyDCS6JaZ:Wc?9'J0Rp?DI/X%W#.wL4W1Qw2Haj[0e
.ads.yieldmo.com/ Name: ptrcriteo
Value: 4d069421-8294-40fc-9f9b-fa1b4b78762e
.tremorhub.com/ Name: tv_UICR
Value: 4d069421-8294-40fc-9f9b-fa1b4b78762e
.smartadserver.com/ Name: csync
Value: 79:4d069421-8294-40fc-9f9b-fa1b4b78762e
exchange.mediavine.com/ Name: niva
Value: %7B%22id%22%3A%224d069421-8294-40fc-9f9b-fa1b4b78762e%22%2C%22version%22%3A%22niva%22%7D
.360yield.com/ Name: um
Value: !38,6mAB7w2xr6SwCf63B8siEzAbb00HeKnAPd6QUNvyS3VgUEcYismYvZW2YKAjdE6paDY,1707993874
.paystubs.com/ Name: fs_lua
Value: 1.1700217874628
.paystubs.com/ Name: fs_uid
Value: #MCM6B#55757608-de0d-4a25-b3df-0bee77c68c31:f5f257f2-8e8e-4739-b1b1-814821aff098:1700217873831::2#/1731753873
.media.net/ Name: data-c
Value: 4d069421-8294-40fc-9f9b-fa1b4b78762e~~3
.media.net/ Name: data-c-ts
Value: 1700217874
.paystubs.com/ Name: _clck
Value: 1k5haa1%7C2%7Cfgs%7C0%7C1416|2|fgs|0|1416
.rubiconproject.com/ Name: khaos
Value: LP2HTO7B-Y-CI5P
.rubiconproject.com/ Name: audit
Value: 1|rZzBA//7jt7uBJV0J+BrBhKtPgiH7m3oYrL3L3qo4biMaGpsUGBQ3nxDsWKxsya/DHMlAetLwTKM1KxoLazIt+aleybw1oy9Ba0etFFpiE1bJWCIrNqCvepDOq7rDPRaRiJ0YNbhFkIbjzcEVIzG6vVvcTnQD70VDDRywNtGMzPY2wQXDGpodUhHSswxfA6JpmvllXEtYN4=
.tpmn.co.kr/ Name: criteo
Value: 4d069421-8294-40fc-9f9b-fa1b4b78762e
.postrelease.com/ Name: visitor
Value: f7ad0f5e-0f1d-4671-bdf1-b91b2be9007d
.postrelease.com/ Name: status
Value: 0
.socdm.com/ Name: SOC
Value: ZVdEEsCo8YwAAJN0OIMAAAAA
.turn.com/ Name: uid
Value: 3425455830206429616
.adsrvr.org/ Name: TDID
Value: 696d5bcb-a0c4-4453-a036-7af42f9a45d1
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKbGl2ZWludGVudBILCPaB5ouH2bM8EAUYBSABKAIyCwjk7Ni4ndmzPBAFOAE.
auth-staging.paystubs.com/ Name: ki_t
Value: 1700217874976%3B1700217874976%3B1700217874976%3B1%3B1
auth-staging.paystubs.com/ Name: ki_r
Value: aHR0cHM6Ly9wY29tLXJlYWN0LXBhdmxvLWppcmEtZml4ZXMucmVhY3QtZGV2LnBheXN0dWJzLmNvbS8%3D
.paystubs.com/ Name: __hstc
Value: 125208469.adcab43964f19a580c57fb1144acc1d3.1700217874985.1700217874985.1700217874985.1
.paystubs.com/ Name: hubspotutk
Value: adcab43964f19a580c57fb1144acc1d3
.paystubs.com/ Name: __hssrc
Value: 1
.paystubs.com/ Name: __hssc
Value: 125208469.1.1700217874985
.hubspot.com/ Name: __cf_bm
Value: fXh1baNazJfbOZnmNi8l_CMwJYrLRD1HzcG4SSraPKM-1700217875-0-AUBhCvwGKFgUGr1y1l3pv8UqMIegnBGuGy9PZp+/eMAxyR6REM7uIN/UYCmTstBIhS5/s/8ccOd0CbM55/tFZY0=
.hubspot.com/ Name: _cfuvid
Value: _FdO7MUqYAAoo0861avTWNySgOjWFu9cA2houlVipc4-1700217875332-0-604800000
.paystubs.com/ Name: FPID
Value: FPID2.2.Q%2FCRdEDme6JoAMz5pawXlmMCqrF%2BvTzrCmsH%2FUiMakE%3D.1700217874
.paystubs.com/ Name: FPLC
Value: hp9rnXW%2BeNezVQwkfC4ITAqmXalOhHwfqdTYaK0Zr2VwkOpPEMq3rQ9bHgigx%2BA%2F6nkJNcSEUbZLIj4TNsQ0Fu1RGUEbHIK%2Bl0E%2BPRDnknAdFNECOmxUAA3rG0KG7Q%3D%3D

6 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://wchat.freshchat.com/js/widget.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://wchat.freshchat.com/js/widget.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://v.clarity.ms/collect
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://v.clarity.ms/collect
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://paystubs-help.freshchat.com/js/widget.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.tpmn.co.kr
ade.clmbtech.com
analytics.tiktok.com
api-eu1.hubapi.com
api.nivaai.com
api.stripe.com
auth-staging.paystubs.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn-static.paystubs.com
cdn.auth0.com
cl.qualaroo.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.turn.com
dis.criteo.com
dntcl.qualaroo.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
googleads.g.doubleclick.net
gtm.paystubs.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
jadserve.postrelease.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js.stripe.com
live.rezync.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
o4505159641530368.ingest.sentry.io
partner.mediawallahscript.com
paystubs-help.freshchat.com
pcom-react-pavlo-jira-fixes.react-dev.paystubs.com
pixel.rubiconproject.com
q.stripe.com
r.casalemedia.com
r.stripe.com
rs.fullstory.com
rtb-csync.smartadserver.com
secure.adnxs.com
snap.licdn.com
static.woopra.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tg.socdm.com
track-eu1.hubspot.com
uploads-ssl.webflow.com
ups.analytics.yahoo.com
v.clarity.ms
visitor.omnitagjs.com
wchat.freshchat.com
widget.freshworks.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.nivaai.com
www.woopra.com
x.bidswitch.net
ad.tpmn.co.kr
ade.clmbtech.com
bat.bing.com
gtm.paystubs.com
jadserve.postrelease.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
live.rezync.com
o4505159641530368.ingest.sentry.io
pixel.rubiconproject.com
rs.fullstory.com
tg.socdm.com
v.clarity.ms
www.woopra.com
104.18.36.155
124.146.153.170
13.224.214.59
13.225.63.120
141.226.224.48
142.251.40.162
15.197.193.217
151.101.129.91
151.101.192.176
162.55.95.220
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.238.60
172.65.240.166
18.204.84.59
18.238.4.103
184.51.148.208
184.73.254.83
20.110.205.119
20.114.189.135
216.22.16.41
23.47.168.66
23.56.163.154
2600:141b:1c00:1d::172c:cb04
2600:141b:800::1726:a84a
2600:1f18:612b:4280:16a1:69e3:4d3c:d7f4
2600:1f18:ed:550a:f0c6:ec14:4b0d:2411
2600:9000:2511:7a00:10:474e:104a:2961
2606:4700::6813:a718
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2004
2607:f8b0:4020:807::2002
2620:112:f002:bbbb::23
2620:1ec:46::40
2620:1ec:c11::200
2a02:6ea0:c454::1
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a06:98c1:3200::90:0
3.138.212.158
3.211.29.151
3.225.218.10
3.232.219.155
3.90.98.12
34.102.166.132
34.117.157.22
34.120.195.249
34.160.124.226
34.192.26.169
34.202.153.183
35.186.194.58
35.192.42.214
35.193.123.107
35.201.112.186
35.211.178.172
35.71.139.29
44.197.77.254
52.201.115.137
52.89.37.98
54.152.199.76
54.186.23.98
64.202.112.159
68.67.160.76
68.67.179.87
69.173.151.100
74.119.119.150
76.223.64.65
76.76.21.241
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f
097e9aaff3e2b5bd9aa333c4f34092ad450260fa8240a48b556d3873faa3d679
0a346053390aa172aee9f1133395a3b49f9633fee85c59d27b744db045665ea4
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10bdda36dcff1675fc2c5a6db3302e6a3b5addb65fc342cb59ad10ebb2a29661
11788b09fd68530090570b96be13fc8f3f76fd14ede52598b40f4421dc7e9c04
12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225
1536be82ecfe4cf7eb46fafcbb5bbaa1f69c90971d2ec9058f134f471a18d62a
16cc99cad9524df10d0054894b8077353ed0045aa3fb5587e8e1d31fa0852ab1
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83
1ce88aa2cd221354d7ba1a07337a09e1632241bc1d755c2db614b1de1c383217
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
20beff9c8aad2f98db1451d2d71b6ae4ef15c00ab8754c80509597a3d2581f45
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
25dae1888760b37dbff06288494fb41311061429bade1fc162aa8c6ca585e21d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3abfece5399545e3db71f772b1a3c4698a58475866ba4052b49a38a158cd8b74
3c4fe844b18496bf0be2ed42cc178e8039788647be2793f00a8e7972c69204ad
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
467ccbacec57c9cf78730076b29b925ebc5e809a49ec1f300a00dd108bb5f16c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52849fa881a24ed0355833bb931e752f4e992ceb77b2dfd878874f4e4166ee2a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5abe2682d02cfca8bed232e4eaf1b204c61d13f3c9c205757a32bf3f4dd1ef9e
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c64435f07e61b7860c6fdfc7b918f7483557be76fba80d11dc075096d6f814f
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60266cddb2a9636c88b651f5c0fe511dcfefb8656d66286e93eb10f5b04b3869
62f9ffce81dd12ce204a19107f20c529600ff266ed9146551fb89c00d84072e0
65e824fcf534553c1cbfb6a8404a0e6fa966604c846bf5fc348b27d9ade63bb9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd7d896b85ad3a10e5c19231f20df4d77e39b82b2869cb30b4b59daa3f8a6eb
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
762d414bf2714b6fe76639bc1fbcc33aa9ba3864ca7fde6659cb84742b064fc2
7a9ae3d49c9ea02f3915ad9c400addeefabaa073c58a17cedab13334b6db9a87
80b2f78cd58c98116e945004bee55da41f0506adacc10e362b75d95a4bdb24df
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453
878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9213bf77e387d83295bc8f3fbedd1f0d95601ab5f0a1f1b8927af599531c2b23
93b04a3a6e5c5e1fe28c7e7c0a50351b232c214b20fb91365711510283864b7b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f7c8972392da7127e432e534201ce4056d0256d060157cec33a113e1e8029f6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ae1ff2feff6337bd3f009b4dbe34d17d0124f7c20e013eb66fa522f7307a9c
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a8fa502aa6e698f52859119ae625a5eb218eb7d144c97a7e48fb3bf7cee4825a
b04ba4d5260643ffb3391278327417e0ee2b05220260770cb6a21b1fd148dbd6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b536f65314dc13cbc151f417523851bacf1db4003d59c36deb9b63c43229a382
b9f22a64f27f322080e1f7a6e9754c4aa0eb4ba660322cb42416a489f5b3656a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3dde64a6e766a4d1ed233c47cc6f6549b44b631dcb67594ff77c61b2c71bd5
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
beec0d053c8f74c5fc8aeac7373378e9a1897eea0ed27e8edf56383f71201655
c01cdbf532e04e0405e5a197ca95d698bc179640c8e1945487a5db0a05923caa
caa7941d9aaa93375c7bc8a681a3d6431b5975254c0630471cecb2fef043b227
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd15c214dd7af23d3a1c8df699cfcac47b583c70aa96d30abb3b0c213d1b0fb
f5f8a659ee9bc475773c7d3b015253bc346f88416a728d81a03ab9d29c1f8e28
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576