signin.aws.org Open in urlscan Pro
13.248.245.245 Public Scan

URL: https://my.aws.org/service
Title: My Account

URL: https://my.aws.org/Individual/ContactSignUp
Title: Become a Free User

URL: https://my.aws.org/Individual
Title: Become a Member

URL: https://my.aws.org/Corporate
Title: Become a Corporate Member

aea892e467587cd82.awsglobalaccelerator.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://signin.aws.org/ HTTP 302
https://my.aws.org/service HTTP 302
https://my.aws.org/ HTTP 302
https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://secure.adnxs.com/px?id=1782352&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1782352%26t%3D2

Request Chain 38

https://ib.adnxs.com/seg?add=37159874 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D37159874

Request Chain 89

https://bcp.crwdcntrl.net/5/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/seg=22.10.19/seg=22.10.20/seg=22.10.21/seg=22.10.22/seg=22.10.23/seg=22.10.24/seg=22.16.6/seg=AWS HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/seg=22.10.19/seg=22.10.20/seg=22.10.21/seg=22.10.22/seg=22.10.23/seg=22.10.24/seg=22.16.6/seg=AWS

Request Chain 117

https://10176109.fls.doubleclick.net/activityi;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4650v9181793797za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0 HTTP 302
https://10176109.fls.doubleclick.net/activityi;dc_pre=CL3cgt7U04YDFe0VdgYdW9gD8g;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4650v9181793797za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0

Request Chain 130

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&RedC=c.clarity.ms&MXFR=0CBD2E0FF7BB6971251D3A94F3BB676D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&MUID=18DCA89166A062C21B37BC0A67746308

141 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request authorize Show response
signin.aws.org/oauth2/default/v1/
Redirect Chain

https://signin.aws.org/
https://my.aws.org/service
https://my.aws.org/
https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su...

36 KB
16 KB

212ms
212ms

Document
text/html

13.248.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.245.245 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a89ec8d90520e6032ca172f1a83d7523709efd75371a9f9af8f532b6f5a50a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Tue, 11 Jun 2024 13:32:21 GMT
Keep-Alive: timeout=5, max=99
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: en
content-security-policy-report-only: default-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com; connect-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com awsau.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; style-src 'unsafe-inline' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; frame-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' awsau.okta.com signin.aws.org data: *.oktacdn.com fonts.gstatic.com
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: ZmhR5VXaATuvmB1sXZYnIwAACcM
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1718112801
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private
content-length: 0
date: Tue, 11 Jun 2024 13:32:20 GMT
location: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 63ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: signin.aws.org
URL: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3710384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPYSaJa8BNBZxe2yYDSET9vd8x3gtQviIwuIko0pUIaablbaUV5Qp%2FLoMAfmexORjT0mvGNemXTy3puGq7e%2BCMKFZq9GzEy2VvDZFN1D7Ids9Z7gkyIRmkxMjPVK%2FLPEfQcSreh8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8921f77bac53ab9c-YYZ
expires: Sun, 01 Jun 2025 13:32:21 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 84ms
54ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1706790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bt0CHTlaFU2DND943CfvGRSKPlViBxkzFDJAJNuINBKfeAcNLPlJKkuonrgh4wW6VheHst7%2B2bNWvH523nSnWARkKGxcKbPlx9B%2BpiESWsbypxrnr5r%2BzHmdgDxoByw2KZYiJ62l"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8921f77bac54ab9c-YYZ
expires: Sun, 01 Jun 2025 13:32:21 GMT

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
25 KB 60ms
31ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2505073
cdn-cachedat: 03/18/2024 12:50:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 21f548f3038b4b7ba5c2a46cd2c808c4
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8921f77bae5c39d8-YYZ
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 82ms
53ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 845
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2207617
cdn-cachedat: 01/15/2024 23:55:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d9546264512a0d1d1b72a704d75281bf
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8921f77bae5e39d8-YYZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style-sheet
signin.aws.org/api/internal/brand/theme/ 606 B
3 KB 122ms
119ms Stylesheet
text/css 13.248.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.aws.org/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=b5630ce4c582ccbb9dc211f676ba8f6abce83cfc2d2d1c4db09e4876396c25ed1cc33833d42b1eb06c8b601382adfa7e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.245.245 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aea892e467587cd82.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d2de9726d45a6699f1f20f5670feac4fe7cf319e27f12d486315a6b8e45a514a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' awsau.okta.com signin.aws.org .oktacdn.com; connect-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com awsau.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' awsau.okta.com signin.aws.org .oktacdn.com; style-src 'unsafe-inline' 'self' awsau.okta.com signin.aws.org .oktacdn.com; frame-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org login.okta.com .vidyard.com com-okta-authenticator:; img-src 'self' awsau.okta.com signin.aws.org .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' awsau.okta.com signin.aws.org data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform-version: "10.0.0"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZmhR5VXaATuvmB1sXZYnKAAACcM
Date: Tue, 11 Jun 2024 13:32:21 GMT
content-security-policy: default-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com; connect-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com awsau.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; style-src 'unsafe-inline' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; frame-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' awsau.okta.com signin.aws.org data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 2400
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 2399
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding
Content-Type: text/css
x-rate-limit-reset: 1718112801
cache-control: max-age=31536000, must-revalidate
Keep-Alive: timeout=5, max=98
expires: Wed, 11 Jun 2025 13:32:21 GMT

GET
H2 200 okta-sign-in.min.js Show response
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/ 2 MB
505 KB 217ms
77ms Script
application/javascript 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9daf3347512399224f539e52835e58e95719f510297e544fed33e18a99bda076

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 780804dd723a375058f81c58c0d4d8f9c3e85a0a
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Wed, 05 Jun 2024 10:27:33 GMT
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 529487
x-cache: Hit from cloudfront
last-modified: Tue, 29 Nov 2022 22:22:15 GMT
server: nginx
etag: W/"e1e293ebd34a4b6e2155c41f9eed7073"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: m0jRayA4BmbzyFv4zjg0EBFVZwDFV4g2wxAjbcrv5lFjIW5hRBCyiA==
expires: Thu, 05 Jun 2025 10:27:33 GMT

GET
H2 200 okta-sign-in.min.css
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/ 222 KB
38 KB 179ms
41ms Stylesheet
text/css 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f82da44225ccffe54b17728bca07164af78a2807ca5c0f22bae83e07b9877575

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: f89344013d233a955e8765deee6ec272f477f859
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Sat, 08 Jun 2024 07:45:11 GMT
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 280030
x-cache: Hit from cloudfront
last-modified: Tue, 29 Nov 2022 22:21:09 GMT
server: nginx
etag: W/"c9bf93734c591718e3e48bf20e27845a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: N9pWpp3QUAqiq6yBrjAP1zZOGWnKjnLbuVLMBDVmyqzrqfcWMzrLQw==
expires: Sun, 08 Jun 2025 07:45:11 GMT

GET
H2 200 custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok14static.oktacdn.com/assets/loginpage/css/ 9 KB
3 KB 209ms
72ms Stylesheet
text/css 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 35d16198401d1fd985775d017f4a337e2a74c215
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Fri, 07 Jun 2024 10:58:10 GMT
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 354851
x-cache: Hit from cloudfront
last-modified: Thu, 14 Mar 2024 00:03:29 GMT
server: nginx
etag: W/"73947dcedbe30f708373f1b3405f6417"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: RvX-De5Fauoqz1E7r_URA4H-5LY7Sfh5wuATuDzykps781ejuATY7A==
expires: Sat, 07 Jun 2025 10:58:10 GMT

GET
H2 200 logo-site.png
my.aws.org/images/structure/ 3 KB
3 KB 151ms
150ms Image
image/png 68.66.137.215
ALLCOVERED-EAST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.aws.org/images/structure/logo-site.png
Requested by: Host: signin.aws.org
URL: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.66.137.215 , United States, ASN393571 (ALLCOVERED-EAST1-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb75068935fb6b9ba1c0a473bc207ee9d8c3b9500a6297c0e0281fa86e2d864c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:21 GMT
last-modified: Mon, 03 Jun 2024 20:38:21 GMT
server: Microsoft-IIS/10.0
etag: "819394f9f5b5da1:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 2577

GET
H2 200 fs08tib0p6Sf2MAaP697
ok14static.oktacdn.com/fs/bco/1/ 6 KB
6 KB 174ms
37ms Image
image/png 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/fs/bco/1/fs08tib0p6Sf2MAaP697

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

738c31fb414f5f6372ee7180d83ce6f9cd86aef272da38358a521e6b992fc00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:22:05 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 074df32306fddeb7d54ca41312e6888e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 1134616
x-cache: Hit from cloudfront
content-length: 6115
last-modified: Tue, 17 Oct 2023 12:38:36 GMT
server: nginx
etag: "86f924858fee41fd0ba92215415be0d3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: Ieng9UBqW9HO0D1H6U5j9GgE4g27y28VhhFV6xm-EqP86-OZqhbvMw==
expires: Thu, 29 May 2025 10:22:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
113 KB 174ms
87ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3cded682d4429ceb9d18b33a1c742807ec1874918baa324ee279a92f5e26e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114841
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js Show response
ok14static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 37ms
37ms Script
application/javascript 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Requested by

Host:
URL: OktaUtil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-15.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Sun, 09 Jun 2024 13:02:35 GMT
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 174587
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 01:10:29 GMT
server: nginx
etag: W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: oeIqeAyXm_URhj8OwhcAr3VIi4yaSE16CFz_hmbdUoK5m0bNQS2cgQ==
expires: Mon, 09 Jun 2025 13:02:35 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/ 151 KB
152 KB 33ms
32ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 405346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 154840
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-25cd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiU6RNO6G5ce7Nj2rUjg3y%2BgTFXdPILJ81Hts%2BKg8Usg0hYyYYkJ1Hxl6nnVZzBWtnTDgGAL6jCw040bcf9ZU%2F8f5XUlqT6fxQuQL4SkCwnvydiX2rWeTCW6NTprIbALOVPAld5x"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8921f77f5b30ab9c-YYZ
expires: Sun, 01 Jun 2025 13:32:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
107 KB 80ms
79ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z1B9GMBJL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d82368e4efce993fd661f9b3070e53cfd509f87e6b50cc1a80729cf48059052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
40ms Script
text/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 12:10:21 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4921
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jun 2024 14:10:21 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 78ms
78ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-939217791&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a82808468d89475c0ad42f3bdfd1970a7e9dec0bf4b100a42ef890face043cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83175
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 118ms
43ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 11 Jun 2024 13:32:21 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45819FC76DDD403FA8CFDAF2F2812682 Ref B: NYCEDGE1315 Ref C: 2024-06-11T13:32:22Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
82 KB 86ms
86ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698899790&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cd442446461816770a9d997e50a0048acd98b9ee7609ba466af034d4a8da96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83394
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 80ms
80ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-823951548&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf7c5d717d52b91c44115eff6b717a7062a72443e2f699280ef492fe3d3723c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86603
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 105ms
104ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698917351&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a884641f6d176a36a7d02592196b84b66636c586149c7179b32ab1031cb3c3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86287
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
82 KB 92ms
91ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698851026&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

101dc48016a976855fb061475dedcd46aba8a99f54515c03f9cae8943bc8d985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83396
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 82ms
81ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698852211&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e141d2e91af0eca84e54444a44adaa87839ef85d1dda49ed049f840f3917efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83093
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
91 KB 182ms
182ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698900474&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0816a9a40ccecfb78a2217150b1d69df47c384ee40f8841d75d9b72e907eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93181
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 182ms
182ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698852250&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

312744e4e7c815437bdbd832503b05318d4aca20d26d0a6c7765eaa7ddcd0142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83091
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 182ms
182ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698900063&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

080abe696dd6e05665676c48bba598643910600f36210d84883894e3e1a351ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83125
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 192ms
186ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698916847&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30f4117ffb6012eccc2ddd8b1984ba6a97ce2bb1a602f2195a607aead08ead7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83114
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 191ms
188ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698852454&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f8e44fb770830c17d64fe8f350bd3a1e2322973dac2d61070e0901b7ead8894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83118
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 195ms
192ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698852031&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87ca36a6443c0fe39ebded269100a8419644ef671af0326335eab3c15ed28391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83137
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 231ms
229ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698917243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1662d874fcd2d07a0e0abe3d238108f8f4b647856f2eeab4d9adadef96eed62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83093
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 237ms
234ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698899985&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14a6ffacba49b0178455b592a02f7d068725be0fd13b9162ea02e1fe2d753a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83122
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 195ms
193ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698900441&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b8727cee49e226d1fec406a9d4d5edf5a8b6d807556c2be2a094c7556409c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83119
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 234ms
232ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-698917033&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7804a34561c3694e115fd88ae4cfae45f23704d50e4c3a98da386455f068aa98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83117
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1609343/ 70 KB
22 KB 72ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1609343/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60ea479342c05e0eb25f4ee3341e310d8ad95a71ab8e14a994c8b27c50c43e76

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2D64mc4Bdq.ObhbeLWMVrMbPj95H7.Yg
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-request-id: RGV1TBR29J35VCMZ
age: 15622
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21851
x-amz-id-2: c410akFd9tC9x1ZNAxp28/G8tOEl0MlUDWkZUHrnm8M18Zx3z3jtuDvM3sguUpGq0tkSYgm4Lmk=
x-served-by: cache-yyz4536-YYZ
last-modified: Sun, 09 Jun 2024 11:34:40 GMT
server: AmazonS3
x-timer: S1718112742.330236,VS0,VE1
etag: "5397f4bc09f6dbab3393809652536903"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hotjar-3587914.js Show response
static.hotjar.com/c/ 18 KB
6 KB 150ms
41ms Script
application/javascript 52.85.132.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3587914.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fa06f24d6369f8f402fb13c285946677480487d5228ced67791f718625f2a9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 13:32:22 GMT
via: 1.1 48b970169016f7185b7cff9e185ee0b2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
age: 30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/86edda96f849da58129e17076f5d7ea0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: qZ_x2J5n13CFkQwq-LQ1RXk5BWPwMIERLPLMyu83gRoO2E17nrmFOQ==

GET
H2 200 7723471.js Show response
js.hs-scripts.com/ 2 KB
1 KB 160ms
70ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/7723471.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac427daa6d26185e751090ee500acd8aa96fc2b711c5eb2d68dd50765836792

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 168a698c-c995-4565-a1bf-913fc27f5f1d
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2503
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 168a698c-c995-4565-a1bf-913fc27f5f1d
cf-bgj: minify
last-modified: Tue, 11 Jun 2024 13:31:14 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.aws.org
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-bz48r
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8921f77fdc134bbb-BUF
expires: Tue, 11 Jun 2024 13:33:52 GMT

GET
H2 200 launch-1d46b1fdc4ab.min.js Show response
assets.adobedtm.com/175f7caa2b90/91cd0aa8db80/ 52 KB
18 KB 114ms
30ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/175f7caa2b90/91cd0aa8db80/launch-1d46b1fdc4ab.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJMFVNQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d71097df5430fcb0005a2dec79054bdda41242894ac23196d7d6d39aa0ca10bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 13:45:06 GMT
server: AkamaiNetStorage
etag: "0535eb0db944594e80ee0e35093168d2:1655905506.682346"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17803
expires: Tue, 11 Jun 2024 14:32:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 113ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 11 Jun 2024 13:32:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: mYuTz0l0M7uH+IGsPd4JgcXaGUf23HvcQ9b7wgxbNjSsCptRrGuD7g4s3CEmQm0j8ibgy0WUi4Dyyvomi/Uixg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1782352&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1782352%26t%3D2

43 B
1 KB

30ms
30ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1782352%26t%3D2

Requested by

Protocol

Server

68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
an-x-request-uuid: 87b33e7c-00fb-42ce-843b-0319ed6d5f0d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.40; 96.9.249.40; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
an-x-request-uuid: 0e95677a-bb5f-41ee-8e1d-2d1bdd1b23ec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1782352%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.40; 96.9.249.40; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=37159874
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D37159874

43 B
1 KB

41ms
41ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D37159874

Requested by

Protocol

Server

68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
an-x-request-uuid: ce619ac6-e8e0-42b0-ac7d-243a65f1f997
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.40; 96.9.249.40; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
an-x-request-uuid: 5dc950d8-7fda-4594-9323-75c8996bcb5e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D37159874
x-proxy-origin: 96.9.249.40; 96.9.249.40; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK introspect Show response
signin.aws.org/idp/idx/ 27 KB
29 KB 148ms
147ms Fetch
application/ion+json 13.248.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.aws.org/idp/idx/introspect

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.245.245 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aea892e467587cd82.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e2a4e3f3295d447e676c3cc729848ff7fb92306d8c9db3612f452bc529c5cb36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' awsau.okta.com signin.aws.org .oktacdn.com; connect-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com awsau.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' awsau.okta.com signin.aws.org .oktacdn.com; style-src 'unsafe-inline' 'self' awsau.okta.com signin.aws.org .oktacdn.com; frame-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org login.okta.com .vidyard.com com-okta-authenticator:; img-src 'self' awsau.okta.com signin.aws.org .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' awsau.okta.com signin.aws.org data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Okta-User-Agent-Extended: okta-auth-js/6.9.0 okta-signin-widget-6.9.0
Accept-Language: en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/ion+json; okta-version=1.0.0
Accept: application/ion+json; okta-version=1.0.0
sec-ch-ua-platform-version: "10.0.0"
Referer
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZmhR5lXaATuvmB1sXZYnOQAACcM
Date: Tue, 11 Jun 2024 13:32:22 GMT
content-security-policy: default-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com; connect-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com awsau.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; style-src 'unsafe-inline' 'self' awsau.okta.com signin.aws.org *.oktacdn.com; frame-src 'self' awsau.okta.com awsau-admin.okta.com signin.aws.org login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' awsau.okta.com signin.aws.org *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' awsau.okta.com signin.aws.org data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
x-rate-limit-limit: 2000
x-content-type-options: nosniff
x-rate-limit-remaining: 1994
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
vary: Origin
Content-Type: application/ion+json;okta-version=1.0.0
access-control-allow-origin: https://signin.aws.org
x-rate-limit-reset: 1718112746
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=5, max=97
expires: 0

GET
H/1.1 200
OK iframe.html
login.okta.com/discovery/ Frame 2B7D 0
0 177ms
45ms Document
text/html 99.84.191.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.okta.com/discovery/iframe.html

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-122.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Age: 79862
Connection: keep-alive
Content-Length: 451
Content-Type: text/html
Date: Mon, 10 Jun 2024 15:21:21 GMT
ETag: "b84c759c61e4500dec73d24345856b08"
Last-Modified: Thu, 06 Jun 2024 15:21:17 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
X-Amz-Cf-Id: QPfA8ySJhouzF_JZ7-kBa7tW7rhcV1k78GdVHXM1kX9IpYYSEcSOBA==
X-Amz-Cf-Pop: IAD89-C2
X-Cache: Hit from cloudfront

GET
H2 200 json Show response
trc.taboola.com/1609343/trc/3/ 3 KB
2 KB 118ms
111ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1609343/trc/3/json?tim=1718112742366&data=%7B%22id%22%3A152%2C%22ii%22%3A%22%2Foauth2%2Fdefault%2Fv1%2Fauthorize%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1718112742350%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-awshyperscopemediacom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1718112742365%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0%22%2C%22tos%22%3A12%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1609343/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c063acde579081db28961d7885925e475dd06bcec0a65a8273830ea80bf69f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 90
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.19375
x-fastly-to-nlb-rtt: 68372
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-yyz4536-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1718112742.386531,VS0,VE90
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 26033049.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 45ms
44ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26033049.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f0958a6596c984c82dae401a464f2ec5df106fcd7d3ddf05e77c0d0cf5d486dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 11 Jun 2024 13:32:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE43DCC7408A44AA99A3BB04D1B1905D Ref B: NYCEDGE1315 Ref C: 2024-06-11T13:32:22Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
359 B 69ms
68ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26033049&tm=gtm002&Ver=2&mid=ae3e934e-95df-4768-856f-9ef80699637c&sid=087332d027f711ef92563b2b38734559&vid=087341d027f711ef8f236de17e945557&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Member%20Log%20in&p=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&r=&lt=2721&evt=pageLoad&sv=1&rn=932843

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 13:32:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 555527C4DD5A4D32B58EB688F6989135 Ref B: NYCEDGE1315 Ref C: 2024-06-11T13:32:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.87505d7070188439ce69.js Show response
script.hotjar.com/ 222 KB
55 KB 145ms
40ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.87505d7070188439ce69.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3587914.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

Resource Hash

47339883a3b9e740ee111c8e679fd7b1e8322360c72a8184c0b6b45866209709

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 08:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 03c6bb07a0ba5f6bce71fe21ae4e3d78.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 16576
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56140
last-modified: Tue, 11 Jun 2024 08:55:29 GMT
etag: "842daa3406a2b599a38628e533b78ad3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8A3MZeC-DMsPV0QWWqU0uO8Ch7SVdOAM8igOt77i5IdaJEkdeBUM9w==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 100 B
305 B 49ms
48ms XHR
text/plain 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457206467&t=pageview&_s=1&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&ul=en-us&de=UTF-8&dt=Member%20Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAIC~&jid=630258056&gjid=1157128692&cid=9542997.1718112742&tid=UA-110089980-1&_gid=2047425649.1718112742&_r=1&_slc=1&gtm=45He4650n81MJMFVNQv77958976za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=674228696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

baee9652bd26adbccdfa19ed37fd91e70d9804f806e3c72d75d54184640867fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.aws.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7723471.js Show response
js.hs-analytics.net/analytics/1718112600000/ 70 KB
25 KB 168ms
74ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1718112600000/7723471.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7723471.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92596e8f5f7d018a3a92783fff79b9b26a94f7873b4b4f62a865d788f28fabd8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: DK55NSF10ACKJ4KX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d1954c0f-0d4e-40e5-ad8f-0c90c841c8ee
x-envoy-upstream-service-time: 20
x-amz-id-2: oEN5gihfqkcfExTvWBccfensz9i6WLpPM5O3TNgPHrcJf8KldlGnrrTOYDFoiZJxu3TiqHsR9OM=
x-evy-trace-listener: listener_https
x-request-id: d1954c0f-0d4e-40e5-ad8f-0c90c841c8ee
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 30 May 2024 21:02:33 GMT
server: cloudflare
etag: W/"b3f6533c073c114b9af46489703fba2e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8921f780dad54bd8-BUF
expires: Tue, 11 Jun 2024 13:37:12 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 184ms
91ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7723471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af4c240d46b3e99eea9ccbfd9c0c1c856c710a5ed3692f455767a96224171b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1159/bundles/project.js&cfRay=8921f780dbad4bd3-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"e6c06eb0663c717e3d4635531672a1e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1159/bundles/project.js
date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-version-id: V4YhUHRJMuZkqxb1cpgehoNLVpfwce83
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 ea42f57e1e0a065bc1c1c637f97d3be4.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD61-P1
x-hubspot-correlation-id: 61822135-6e1c-4619-a59f-ebef84674183
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-request-id: 61822135-6e1c-4619-a59f-ebef84674183
last-modified: Mon, 03 Jun 2024 20:17:08 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isg0l2vH%2BE1Au%2B6yEqWwiA8vyvhOcyp%2Fknv44%2Bx2JhyTXhnY8haaywlWK%2FkIyyr610daJwP2NyzNMELrUNJrWz%2FHyLy8lqVgGOjjMZCdQceTAcPcgNTbjG8cELyKH2yF%2F0ftG4K%2FVvoKuZQK"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc
cf-ray: 8921f780dbad4bd3-BUF
x-amz-cf-id: qFo0bQDrC3FzPak1t40cW7y5V-e6tECmw_5F_WfC9kqpW6r7rypGvA==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 139ms
46ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7723471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-version-id: tGbAtiolnAFnleIlWBGAzvQOiFsm5cIW
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 55ee52bf-ac4b-461f-ba16-f2c23474e38f
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.563/bundles/pixels-release.js&cfRay=88bf63fe1add41de-EWR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 277
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 55ee52bf-ac4b-461f-ba16-f2c23474e38f
last-modified: Thu, 30 May 2024 14:14:49 UTC
server: cloudflare
etag: W/"7f1cb0f6264fd05edb4cc0ec6a9bc096"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc
cf-ray: 8921f780dc7d4bbb-BUF
x-amz-cf-id: i0E6zu1ara243Tckx9L_nnExbMWNu_QFfTpjZkXFKooQlUnmrZ5BVg==
x-hs-target-asset: adsscriptloaderstatic/static-1.563/bundles/pixels-release.js

GET
H2 200 7723471.js Show response
js.hs-banner.com/ 63 KB
19 KB 153ms
79ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7723471.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7723471.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c81e497989a05fae2732c42be178103cd6e1eb680941fb7b895f1618ee9b35b2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-version-id: k81PvEdUqd.181zMlFmo41O9Y63Tsp6C
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: FG21KAJ4PCNGJJA3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 077b84cc-63b6-4d10-92b8-f9d2534392e6
x-envoy-upstream-service-time: 55
x-amz-id-2: /e+yjjsSaUhi+jgqXuWJPaL/NjsotfNfVEsng9qgoBd+aUIT8R0eyg9S5G++4nrl4WF0JW+ACsU=
x-evy-trace-listener: listener_https
x-request-id: 077b84cc-63b6-4d10-92b8-f9d2534392e6
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 May 2024 22:51:47 GMT
server: cloudflare
etag: W/"4589ad27e35abec51cf95f08e494151a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.aws.org
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8921f780bb9f4bd3-BUF
expires: Tue, 11 Jun 2024 13:37:22 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 154ms
61ms Script
application/javascript 2606:4700::6812:8c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7723471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=892177f63a2e728a-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-version-id: HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 d9057c384f4ac5ba2672d2ff44de7e08.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-hubspot-correlation-id: d09516b2-57b6-40a0-a1ae-a933541b281a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: d09516b2-57b6-40a0-a1ae-a933541b281a
last-modified: Thu, 30 May 2024 10:22:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
cf-ray: 8921f780ded84bc0-BUF
x-amz-cf-id: TX8sUKRomklGKmB8um1bQ8AklgfNk9r9RRfJe-yLnSJcWMrC9hHwOg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 77ms
76ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10176109

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/91cd0aa8db80/launch-1d46b1fdc4ab.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8357cfe609146477a5ef163f9f6d6ecf6e32a40b23ad8733d8202a7e737a2614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77517
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET
H2 200 checkbox-sign-in-widget.png
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/img/ui/forms/ 3 KB
4 KB 37ms
37ms Image
image/png 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/img/ui/forms/checkbox-sign-in-widget.png

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:09:09 GMT
x-amz-meta-sha1sum: e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via: 1.1 074df32306fddeb7d54ca41312e6888e.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: IAD89-P2
age: 804193
x-cache: Hit from cloudfront
content-length: 3141
last-modified: Tue, 29 Nov 2022 22:21:11 GMT
server: nginx
etag: "7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: NJ7EP-MCrKcnPC66eTT_tp5bXZpgk0E5fD8yJE5xexFHZkCVYvqc1g==
expires: Mon, 02 Jun 2025 06:09:09 GMT

GET
H2 200 proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok14static.oktacdn.com/assets/loginpage/font/assets/ 20 KB
20 KB 44ms
35ms Font
application/font-woff2 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 15:00:27 GMT
x-amz-meta-sha1sum: dd4beda27e8057403b27d1276ca9d68902692615
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: IAD89-P2
age: 1809115
x-cache: Hit from cloudfront
content-length: 20328
last-modified: Thu, 09 Nov 2023 01:12:22 GMT
server: nginx
etag: "27429b092c0595aa8803b611bd7508f3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: HgtBxs0xp_qHW3KGRxYkMo15RUvg1LlOurplytsXFPVO7YIfARS-AA==
expires: Wed, 21 May 2025 15:00:27 GMT

GET
H2 200 proximanova-reg-webfont.353416ed0ff540352235.woff2
ok14static.oktacdn.com/assets/loginpage/font/assets/ 20 KB
20 KB 45ms
36ms Font
application/font-woff2 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 15:00:27 GMT
x-amz-meta-sha1sum: 2b5fcd8431953c44e410d0489899e74f6d2cfecc
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: IAD89-P2
age: 1809115
x-cache: Hit from cloudfront
content-length: 20416
last-modified: Thu, 09 Nov 2023 01:11:45 GMT
server: nginx
etag: "d99a7377dabb55772ca9f986b0a04b57"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: W5CMAhdKiavhj0GyfjlNuYoHArx3gBRNVUVkkQAGOgVoiWFtP54plw==
expires: Wed, 21 May 2025 15:00:27 GMT

GET
H2 200 okticon.woff
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/font/ 20 KB
21 KB 45ms
37ms Font
application/font-woff 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/font/okticon.woff

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.9.0/css/okta-sign-in.min.css
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 4d706297987d613a4e3f4f23d08c62d16830845d
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront)
date: Thu, 06 Jun 2024 23:41:10 GMT
x-amz-cf-pop: IAD89-P2
age: 395471
x-cache: Hit from cloudfront
content-length: 20600
last-modified: Tue, 29 Nov 2022 22:21:10 GMT
server: nginx
etag: "db28723126138387cdf40680e6e0fa5d"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: qMl05-PWoLjDNxHa2jvPMIpWsSuiBetXblgZN8hk74vPJ7ffzMeppw==
expires: Fri, 06 Jun 2025 23:41:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
346 B 206ms
48ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-110089980-1&cid=9542997.1718112742&jid=630258056&gjid=1157128692&_gid=2047425649.1718112742&_u=YGBACEAABAAAACAAIC~&z=636711305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 13:32:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.aws.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 332 KB
109 KB 74ms
71ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z1B9GMBJL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

817b8dbdc70c85a41dbadcfebef210c95e490761ea4aa9ba419ec1a4a6dc9436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111586
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 13:32:22 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 26033049 Show response
www.clarity.ms/tag/uet/ 979 B
1 KB 336ms
181ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26033049
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26033049.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4993b6ea3d04988a32d48d14fa918bb5e358b48b3d5d986d4535170b4a0f91b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Tue, 11 Jun 2024 13:32:22 GMT
x-azure-ref: 20240611T133222Z-15d9dbcbcc4z2pc9qb610xb3cs000000082g00000000agww
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 979
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939217791/ 3 KB
2 KB 183ms
51ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939217791/?random=1718112742530&cv=11&fst=1718112742530&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-939217791&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b03a36c03394d2885f1847f0445813cc18b3a314fd16a9cdf6618fac7e64a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698899790/ 3 KB
2 KB 171ms
60ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698899790/?random=1718112742550&cv=11&fst=1718112742550&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698899790&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723573738950514c6f2ed7a5afe3291549563f23473828fc56ac558684a43531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1781
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/823951548/ 3 KB
2 KB 142ms
56ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/823951548/?random=1718112742575&cv=11&fst=1718112742575&bg=ffffff&guid=ON&async=1&gtm=45be4650v9179854494z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-823951548&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d399c83c70bd90ee09c37b7fa17e37d9e3d588c718226c422322cf0693e9a0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1789
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698917351/ 3 KB
2 KB 120ms
54ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698917351/?random=1718112742597&cv=11&fst=1718112742597&bg=ffffff&guid=ON&async=1&gtm=45be4650v9181659370z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698917351&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141a3a28533686f44ae1ad83b6dc83b6d3f0cb77e38ef02ca90aea726d46526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1790
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698852211/ 3 KB
2 KB 104ms
58ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698852211/?random=1718112742616&cv=11&fst=1718112742616&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698852211&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b048bd80ed56413591efe761b3c5507131b364e698d3243b08a1eb0be3d8cd67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1776
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698851026/ 3 KB
2 KB 80ms
56ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698851026/?random=1718112742639&cv=11&fst=1718112742639&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698851026&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bc5d25c0cf79d34bf38f4dafa4e4a7a998ad3ed2eb88ef1483c7de9b072128e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1782
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 133ms
47ms Ping
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4Z1B9GMBJL&gtm=45je4650v9138842453z877958976za200&_p=1718112741774&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=9542997.1718112742&ecid=112853931&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718112742&sct=1&seg=0&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&dt=Member%20Log%20in&en=page_view&_fv=1&_ss=1&tfd=3162
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Z1B9GMBJL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.aws.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 47ms
47ms Ping
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4Z1B9GMBJL&cid=9542997.1718112742&gtm=45je4650v9138842453z877958976za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Z1B9GMBJL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.aws.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 491910421947139 Show response
connect.facebook.net/signals/config/ 67 KB
14 KB 37ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/491910421947139?v=2.9.157&r=stable&domain=signin.aws.org&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4394adf94f134a9cb2d7bbd97d1c01be9108558520cc1b52157188cadcb2915

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 11 Jun 2024 13:32:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13856
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=63, mss=1297, tbw=63451, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: BGHqm9h3Iddp7gWIIUiD+1ZfwgLWvWOtqL0m1Uhp8KPtSdCCF5YqsD79IeAROUwvmOeLwVbTLvLfeiYkO8+DVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698852250/ 3 KB
2 KB 55ms
54ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698852250/?random=1718112742706&cv=11&fst=1718112742706&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698852250&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a99015f59fcb8adb19517171a12dd9ae8e64243f42bdd372647b90c4400e79d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698900063/ 3 KB
2 KB 50ms
50ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698900063/?random=1718112742767&cv=11&fst=1718112742767&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698900063&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

291c8e5cc25942d774f341e01e1ff27031591e1f51bd487d25958446a718ce0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1609343/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-request-id: Q89PZAPY13C01VBS
age: 3311
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by: cache-yyz4536-YYZ
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1718112743.788834,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 46
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 4928

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 22ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1609343/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jun 2024 13:32:22 GMT
x-amz-request-id: F0ERNPAEKW73Z8P2
age: 8100
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by: cache-yyz4536-YYZ
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1718112743.789009,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 9505

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698852454/ 3 KB
2 KB 50ms
50ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698852454/?random=1718112742790&cv=11&fst=1718112742790&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698852454&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33f58ef6b1e05fe5624e3c1c9fca4e867939439fc8fca0ef5869643e271c3362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698852031/ 3 KB
2 KB 56ms
56ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698852031/?random=1718112742816&cv=11&fst=1718112742816&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698852031&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31342a32bbdc91b619c966207f24b69f65a2a1ca094276d092b19b1bab17ca2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1793
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698900441/ 3 KB
2 KB 50ms
50ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698900441/?random=1718112742834&cv=11&fst=1718112742834&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698900441&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

810e159067f5ea3e5f3dccf9fcf31c65ecca021964b4e7cad447eec39323546c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1795
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 169ms
95ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-110089980-1&cid=9542997.1718112742&jid=630258056&_u=YGBACEAABAAAACAAIC~&z=2003011116

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698916847/ 3 KB
2 KB 50ms
49ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698916847/?random=1718112742855&cv=11&fst=1718112742855&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698916847&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d32ec1d4c0104da824181101d09b98d91516d31150044d9b36233611a7b2f78c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698900474/ 3 KB
2 KB 50ms
50ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698900474/?random=1718112742882&cv=11&fst=1718112742882&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2v9181659645z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698900474&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328afb20d55188683bbda62037d6fc038ca172cdbe1a2e1454ae34b66b0644f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1807
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698917243/ 3 KB
2 KB 55ms
54ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698917243/?random=1718112742900&cv=11&fst=1718112742900&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698917243&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f5fc481ae6f168510a217d1d45c1022124d3e1a1f5d10f8707105867210e83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698917033/ 3 KB
2 KB 55ms
55ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698917033/?random=1718112742922&cv=11&fst=1718112742922&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698917033&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d77df012bb03a4d53e019bafa57b517989881cac8b15d7f93328a475ec037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698899985/ 3 KB
2 KB 48ms
48ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698899985/?random=1718112742942&cv=11&fst=1718112742942&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-698899985&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

cafe /

Resource Hash

73bca0cb2ee09e45d40f7f8e54ba2e78184e72576bc986c2bab2bc3c58b54452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1795
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b8b3dc6d-bcc4-43f1-a454-5eeba85fd198.js Show response
www.rumiview.com/containers/ 217 KB
59 KB 237ms
67ms Script
application/javascript 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/b8b3dc6d-bcc4-43f1-a454-5eeba85fd198.js
Requested by: Host: signin.aws.org
URL: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),
Reverse DNS: 212-69-158-198.databank.com
Software: /
Resource Hash: 41227c35bec0272164dbd984ea645a659efd5f89b3c165795b74359b998b1fee

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
cache-control: public, must-revalidate, max-age=360
content-encoding: gzip
x-robots-tag: none
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding, Cookie
content-type: application/javascript; charset=utf-8

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12671/ 38 KB
11 KB 118ms
38ms Script
application/json 13.32.151.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/91cd0aa8db80/launch-1d46b1fdc4ab.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-124.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fef8577b566c5bd797c4c905e0a52db4d2f81628460c868c97f9ce3b85f0b44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:19:01 GMT
content-encoding: gzip
via: 1.1 2af881fc3dba7aadc69b3ca00dd6e9e6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 00:25:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 4403
etag: W/"e26dc14e3772420eb25f71c12f0da49b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=86400
x-amz-cf-id: pB87jj7IZk_FNYg62hX4YbsfVy6SDkbFqnTFeoBHnnlBJkjAG3rfww==

GET
H2

200

seg=AWS
bcp.crwdcntrl.net/5/ct=y/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/se...
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18...
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22....

49 B
918 B

56ms
56ms

Image
image/gif

34.225.253.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/seg=22.10.19/seg=22.10.20/seg=22.10.21/seg=22.10.22/seg=22.10.23/seg=22.10.24/seg=22.16.6/seg=AWS
Requested by: Host: signin.aws.org
URL: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0
Protocol: H2
Server: 34.225.253.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-253-223.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.54.183
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/seg=22.10.19/seg=22.10.20/seg=22.10.21/seg=22.10.22/seg=22.10.23/seg=22.10.24/seg=22.16.6/seg=AWS
cache-control: no-cache
x-server: 10.40.62.117
content-length: 0
expires: 0

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 180ms
100ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://signin.aws.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://signin.aws.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8921f78439524bc9-BUF
content-length: 0
content-type: application/octet-stream
date: Tue, 11 Jun 2024 13:32:23 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c0802688-9035-44ab-8928-545a7bf78000
x-request-id: c0802688-9035-44ab-8928-545a7bf78000

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
175 B 116ms
115ms XHR
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/7723471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6990f113-da45-4fc7-834f-a53484dee56a
x-envoy-upstream-service-time: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6990f113-da45-4fc7-834f-a53484dee56a
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://signin.aws.org
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8921f784e9ad4bc9-BUF

GET
H2 200 survey-v2.6c9fcb0b9d2b67946cdf.js Show response
script.hotjar.com/ 301 KB
69 KB 40ms
39ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/survey-v2.6c9fcb0b9d2b67946cdf.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.87505d7070188439ce69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c5888a64161e80f03a68b945665b54914c0521261aa3cb65512603ec56cc859c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 03c6bb07a0ba5f6bce71fe21ae4e3d78.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 8296
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69662
last-modified: Tue, 11 Jun 2024 11:13:17 GMT
etag: "469818fa29c63c556712c4f7923889b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UYLqQMlVpNjFFvKoMwzk5ZnUD96AJIqhztfgtBm1ZwoC6v3Ki7E6Zw==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 118ms
114ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7723471&currentUrl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 65382150-df88-4633-9cf0-03590e67238f
content-encoding: br
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 65382150-df88-4633-9cf0-03590e67238f
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://signin.aws.org
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qR%2FPUWY7YDkwThNavUkN7k04ozXtvPs5uGLVOwSWTfQYVkf390ZjxCOVYPf8CoYXFJtHUqSJ6J91upnWSZwRKKaN%2FZg2HsjUR9%2BF5KQoUWumiMm90TTqIZhf0BJPymxZ%2Fye%2BngBuiC7ghmrdkIDQPNFrdb1ecjUdypg%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8921f7841d3f4bd3-BUF
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-md7fl

GET
H3 200 /
www.google.com/pagead/1p-user-list/939217791/ 42 B
64 B 53ms
52ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939217791/?random=1718112742530&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL-Keqky1zzUeGd7EyDYjK54C0vH5sLg&random=1045203427&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698917351/ 42 B
64 B 52ms
52ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698917351/?random=1718112742597&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9181659370z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLErbuvEFvGS4rP5KQJtVysKkV_E52XQ&random=325982530&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/823951548/ 42 B
64 B 59ms
59ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/823951548/?random=1718112742575&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9179854494z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLd1WyhYHNXfoKZqbgQEve96-RvBLYJg&random=1538953751&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698851026/ 42 B
64 B 54ms
53ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698851026/?random=1718112742639&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLWPfXXD1EB8e-AJlaIgz3Q9HR_jSPHg&random=3924274399&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698852211/ 42 B
64 B 52ms
52ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698852211/?random=1718112742616&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLG9LWtT9MLFcxVK6YFlGtJXLFzOUncQ&random=164196583&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698899790/ 42 B
64 B 59ms
59ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698899790/?random=1718112742550&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL9E9j2vlvuVKNjoo1hQjN1CeaNLWKnQ&random=313298225&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 364715685088516 Show response
connect.facebook.net/signals/config/ 30 KB
4 KB 37ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/364715685088516?v=2.9.157&r=stable&domain=signin.aws.org&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d110d76a2e3026a8519fb2f8ab36c668368c5e6a1b6a3dc539b3747325e04320

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 11 Jun 2024 13:32:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3875
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4309, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: h40OVVUq2W7CoRH/Er0/B6OadWyOQ5utjRjZcQhWKc6KXQkk0FCrB7LhnTikfncHgKtjnG0ME9uxWXLw9/wdww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 163ms
85ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491910421947139&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2Bprofile%2Bemail%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D_removed_&rl=&if=false&ts=1718112743068&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&cs_est=true&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&up_url=x-client-ver&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=50, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 11 Jun 2024 13:32:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 276ms
198ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=491910421947139&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2Bprofile%2Bemail%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D_removed_&rl=&if=false&ts=1718112743068&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&cs_est=true&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&up_url=x-client-ver&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3dafc97ff8e95bf2","source_keys":["1","2"]},{"key_piece":"0x5d9540bb74b257d5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 11 Jun 2024 13:32:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=3306, tp=-1, tpl=-1, uplat=160, ullat=0
pragma: no-cache
x-fb-debug: a97tw616eMAkJb+nMQIiUwS82y1U/mD3/ue4IIc/qbK/Y1wI7yEc3pslopTVHpVoz8Ivnf99TCtTkDYUYC0YFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698852250/ 42 B
64 B 50ms
50ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698852250/?random=1718112742706&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLyqvsFn3fM4Clc-uZOIqzXayPty3W7KacMUIqEuS-nyCeLL_4&random=2988435549&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698900063/ 42 B
64 B 52ms
50ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698900063/?random=1718112742767&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLH4soWCZj9scEfTOZT_oX-wa-0GyVkhjR99TSQC0wR5SPgWiQ&random=2906196648&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 63ms
62ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26033049
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240611T133223Z-15d9dbcbcc4z2pc9qb610xb3cs000000082g00000000agxr
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 35eee430-101e-0028-3d64-ba4f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 / Show response
pips.taboola.com/ 64 B
239 B 104ms
29ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b0d82fc99d52022a98cf8b02b0c5fc90638a5c289a731ba650bab37edfacc6c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lga21923-LGA
date: Tue, 11 Jun 2024 13:32:23 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://signin.aws.org
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/698852454/ 42 B
64 B 50ms
50ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698852454/?random=1718112742790&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLCkLAADKLbbIbS5RKOtbEREfTKOeADuzb2yaun_izxbHVkkc9&random=2648970597&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698852031/ 42 B
64 B 48ms
48ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698852031/?random=1718112742816&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLyAyHH2w85dRCRPpbOm1Yuzy327hXTT6_OXAyticRwr9yKPDN&random=3325692314&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698900441/ 42 B
64 B 49ms
49ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698900441/?random=1718112742834&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL8ueW9TqsmbvTcC9WaKVCobX9jpvOPE6di-axan6nhwPH4-M5&random=3153111456&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698916847/ 42 B
64 B 49ms
49ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698916847/?random=1718112742855&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLeyA7ZMc11xVcTbGzbkJy8QR22A9kbteQmKP0R_2bZY7NW67q&random=3167603343&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698900474/ 42 B
64 B 49ms
49ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698900474/?random=1718112742882&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be46a0h2v9181659645z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLe0Rrnvs8hBYfR4doxfHSgKvbycFfO8FGZQ0YgUhC3o8hFZWj&random=2499776898&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698917243/ 42 B
64 B 47ms
47ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698917243/?random=1718112742900&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLxGqpekHN_UB97f5Gh80VjB5q1ulw-siByXXGxdvvC_7OAJjv&random=2600450818&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698917033/ 42 B
64 B 48ms
48ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698917033/?random=1718112742922&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLglWu1swtnb7NSy4dP90ESFSuipoHPhMMB9a8WMAuqDk_IQNq&random=941024766&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698899985/ 42 B
64 B 49ms
49ms Image
image/gif 172.253.122.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698899985/?random=1718112742942&cv=11&fst=1718110800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z877958976za201zb77958976&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5&hn=www.googleadservices.com&frm=0&tiba=Member%20Log%20in&npa=0&pscdl=noapi&auid=1709659985.1718112742&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLfnZJNWE1DQAaIvAFDLE_cGT9n7PdMhKYFtYRLD8wnfQtpymM&random=4003014017&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit Show response
surveystats.hotjar.io/ 0
483 B 152ms
36ms XHR
binary/octet-stream 13.32.208.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveystats.hotjar.io/hit?id=1009484&device=desktop
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.87505d7070188439ce69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-32.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 20:24:47 GMT
x-amz-version-id: null
via: 1.1 aabff76d9515c67bc2758117b3e68446.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C1
age: 1271257
x-cache: Hit from cloudfront
content-length: 0
last-modified: Wed, 27 Jan 2021 15:23:17 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=0
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: tMoVJEsiGQFduK2BylLG77lAjr646UYMkcf4k0ojZoR_sQMM43YFcQ==

GET
H2 200 Roboto-Regular.422781.woff2
script.hotjar.com/ 49 KB
50 KB 112ms
40ms Font
font/woff2 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/Roboto-Regular.422781.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://signin.aws.org/
Origin: https://signin.aws.org
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 00:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 427271f19372c1be0d143a1d4c76a128.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1257916
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 May 2024 07:53:38 GMT
etag: "184a2a669cf798f8d80bcfba041c3ecf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: pFd8BP4uywbn64ZwagvKryVK1xwSDpN-XpurcCrK29SumLfaS0S17Q==

GET
H2

200

activityi;dc_pre=CL3cgt7U04YDFe0VdgYdW9gD8g;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125...
10176109.fls.doubleclick.net/ Frame 9D14
Redirect Chain

https://10176109.fls.doubleclick.net/activityi;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B...
https://10176109.fls.doubleclick.net/activityi;dc_pre=CL3cgt7U04YDFe0VdgYdW9gD8g;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86...

0
0

104ms
101ms

Document
text/html

142.251.111.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10176109.fls.doubleclick.net/activityi;dc_pre=CL3cgt7U04YDFe0VdgYdW9gD8g;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4650v9181793797za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10176109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 13:32:23 GMT
expires: Tue, 11 Jun 2024 13:32:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 13:32:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10176109.fls.doubleclick.net/activityi;dc_pre=CL3cgt7U04YDFe0VdgYdW9gD8g;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4650v9181793797za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7...
ad.doubleclick.net/ 0
22 B 184ms
108ms Image
image/png 172.253.122.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10176109;type=assoc0;cat=aws-a0;ord=7123803034151;npa=0;auiddc=1709659985.1718112742;ps=1;pcor=414151139;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4650v9181793797za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"16138770765558908200"}],"aggregatable_trigger_data":[{"filters":[{"14":["12928752"]}],"key_piece":"0x1588c302ac2c282a","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x2a4686bd586a3260","not_filters":{"14":["12928752"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"4749907813774255613","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"source_type":["event"]},{"14":["12928752"],"24":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"23":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"25":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"26":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"27":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"28":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"16138770765558908200","filters":[{"14":["12928752"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16138770765558908200","filters":[{"source_type":["event"]},{"23":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16138770765558908200","filters":[{"24":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"16138770765558908200","filters":[{"25":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"16138770765558908200","filters":[{"26":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"16138770765558908200","filters":[{"27":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"16138770765558908200","filters":[{"28":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"16138770765558908200","filters":[{"29":["12928752"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"16138770765558908200","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10176109"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 124ms
30ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=7494d13e-1f9a-4319-834e-908eefd8d82b-tuctd61d766&uad=792265435f5b7d9e83199b47b5dfa76b86860479a24cda6edbf0aef5dcc23d3e&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI1LjAuNjQyMi4xNDE=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI1&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI1&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 11 Jun 2024 13:32:23 GMT
cache-control: no-store
server: nginx

GET
H3 200 879690196786657 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 37ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/879690196786657?v=2.9.157&r=stable&domain=signin.aws.org&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

1342fc7dae5cbd579997ff5a2b6d61f310b358f9be92e412a245d6dcac778f93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 11 Jun 2024 13:32:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2846
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=28, mss=1232, tbw=10805, tp=17, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: DorZ58GG2um12lDRnJzErhAvKxP1WMAivBw71iVBEPzq6z+wCjZStuL5JtJrB9qjvEc5XhryrOLqScgFCWGGIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 38ms
37ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364715685088516&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&rl=&if=false&ts=1718112743250&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&cs_est=true&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=3159, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 11 Jun 2024 13:32:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
477 B 108ms
107ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=364715685088516&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&rl=&if=false&ts=1718112743250&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&cs_est=true&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcd77cbecfd30aa2f","source_keys":["1","2"]},{"key_piece":"0xbbd24e976c403fac","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 11 Jun 2024 13:32:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=7168, tp=-1, tpl=-1, uplat=72, ullat=0
pragma: no-cache
x-fb-debug: tmxYUqvXdGbTNJNHt3S6yF28jOAHCyO+27bw7fw+hZO+ZjeevGJ3yTSvjRuwQlj60ueEtn6yHrh5yn1JX2b2uA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
926 B 98ms
64ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4b6edf37-7734-477d-bbbe-01f0da81bba1
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4b6edf37-7734-477d-bbbe-01f0da81bba1
last-modified: Tue, 11 Jun 2024 13:32:23 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-mtbpb
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8921f785ac2dac28-YYZ

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 36ms
36ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=879690196786657&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2Bprofile%2Bemail%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D_removed_&rl=&if=false&ts=1718112743293&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&up_url=x-client-ver&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4361, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 11 Jun 2024 13:32:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 119ms
119ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=879690196786657&ev=PageView&dl=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2Bprofile%2Bemail%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D_removed_&rl=&if=false&ts=1718112743293&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718112743066.604805794682992600&ler=empty&cdl=API_unavailable&it=1718112742693&coo=false&up_url=x-client-ver&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x31334694c93d364d","source_keys":["1","2"]},{"key_piece":"0x215d1ba2e41c03ba","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 11 Jun 2024 13:32:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4729, tp=13, tpl=0, uplat=82, ullat=0
pragma: no-cache
x-fb-debug: 2BtMeVCeF9D26TUsITBVFFx7KiGp2gFFmVdCYdvq19Uj08mw2m5UDZVm9MFsOGy4E4FnfBG8u6POPmX2ImjUew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ppms.js Show response
www.rumiview.com/ 72 KB
24 KB 57ms
57ms Script
application/javascript 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rumiview.com/ppms.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),

Reverse DNS

212-69-158-198.databank.com

Software

Resource Hash

559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 08:51:54 GMT
etag: W/"6253ec2a-11e9b"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
expires: Tue, 11 Jun 2024 19:32:23 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
278 B 205ms
91ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://signin.aws.org
Date: Tue, 11 Jun 2024 13:32:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK ppms.php
www.rumiview.com/ 43 B
168 B 84ms
83ms Image
image/gif 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/ppms.php?action_name=Member%20Log%20in&idsite=b8b3dc6d-bcc4-43f1-a454-5eeba85fd198&rec=1&r=358258&h=3&m=32&s=23&url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%20profile%20email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&_id=f649f47cc0135e16&_idts=1718112743&_idvc=1&_idn=0&_viewts=1718112743&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=213&pv_id=GGs9Ff
Requested by: Host: signin.aws.org
URL: https://signin.aws.org/oauth2/default/v1/authorize?client_id=0oa9owvgzafo3rhRb696&redirect_uri=https%3A%2F%2Fmy.aws.org%2Fservice&response_type=code&scope=openid%20profile%20email&code_challenge=su43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw&response_mode=form_post&nonce=638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1&x-client-SKU=ID_NET461&x-client-ver=6.16.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),
Reverse DNS: 212-69-158-198.databank.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
content-encoding: none
content-length: 43
content-type: image/gif

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 144ms
72ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3488273811&v=1.1&a=7723471&pu=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0&t=Member+Log+in&cts=1718112743717&vi=5109a62a62ac5226320c14617239dd2f&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3f83ab1f-e5de-46e5-ad70-ce362a7f5199
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3f83ab1f-e5de-46e5-ad70-ce362a7f5199
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiCDckYzLwWhK%2BVr9eugtBmEl4NZbA%2FcgNuveNgXPsF4twDKzRL9fyO94V8mq112JSl1wOf97wyn01kwAfeVBG16GG8zJHvWbpy2J0%2FaRGQ67JSpsCUe9MePMr%2BTK5CxjtMTSQdXiqHUeCHSCumT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-wmbn8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8921f788cf8e4bd3-BUF
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&RedC=c.clarity.ms&MXFR=0CBD2E0FF7BB6971251D3A94F3BB676D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&MUID=18DCA89166A062C21B37BC0A67746308

42 B
442 B

40ms
40ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&MUID=18DCA89166A062C21B37BC0A67746308
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
last-modified: Fri, 01 Mar 2024 22:53:54 GMT
server: Microsoft-IIS/10.0
etag: "32434d562b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 13:32:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB1575C97AB6438193FFCAA0F13645FE Ref B: NYCEDGE1315 Ref C: 2024-06-11T13:32:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=73D1CDDB37DE414FA1887FF0CEAD61FF&MUID=18DCA89166A062C21B37BC0A67746308
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=12671/rand=477916191/pv=y/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/... Frame 3951 0
0 128ms
54ms Document
text/html 52.206.197.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12671/rand=477916191/pv=y/seg=22.7.27/seg=22.10.1/seg=22.10.2/seg=22.10.3/seg=22.10.5/seg=22.10.8/seg=22.10.9/seg=22.10.11/seg=22.10.12/seg=22.10.15/seg=22.10.16/seg=22.10.17/seg=22.10.18/seg=22.10.19/seg=22.10.20/seg=22.10.21/seg=22.10.22/seg=22.10.23/seg=22.10.24/seg=22.16.6/seg=AWS/int=%23OpR%2382957%23signin.aws.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23signin.aws.org%20%3A%20Site%20Section%20%3A%20oauth2/int=%23OpR%2382959%23signin.aws.org%20%3A%20Site%20Section%20%3A%20oauth2%20%3A%20default/int=%23OpR%2382960%23signin.aws.org%20%3A%20Site%20Section%20%3A%20oauth2%20%3A%20default%20%3A%20v/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.197.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-197-203.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 1368
content-type: text/html;charset=utf-8
date: Tue, 11 Jun 2024 13:32:23 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.1.83

OPTIONS
H2 200 unip
trc-events.taboola.com/1609343/log/3/ Frame 0
0 106ms
29ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1609343/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1718112742353&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718112743916&vi=1718112742350&ri=4c87f92ff0ee51bb39068a237390915a&sd=v2_ac867c15d1a5f857d802d50eefbd56b8_7494d13e-1f9a-4319-834e-908eefd8d82b-tuctd61d766_1718112742_1718112742_CNawjgYQ_5xiGM7X_7uAMiABKAEw4QE4kaQOQPzYD0iX3dsDUMUFWABgAGimm8nt3fu7tQNwAQ&ui=7494d13e-1f9a-4319-834e-908eefd8d82b-tuctd61d766&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://signin.aws.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://signin.aws.org
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Tue, 11 Jun 2024 13:32:24 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1609343/log/3/ 0
631 B 88ms
29ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1609343/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1718112742353&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718112743916&vi=1718112742350&ri=4c87f92ff0ee51bb39068a237390915a&sd=v2_ac867c15d1a5f857d802d50eefbd56b8_7494d13e-1f9a-4319-834e-908eefd8d82b-tuctd61d766_1718112742_1718112742_CNawjgYQ_5xiGM7X_7uAMiABKAEw4QE4kaQOQPzYD0iX3dsDUMUFWABgAGimm8nt3fu7tQNwAQ&ui=7494d13e-1f9a-4319-834e-908eefd8d82b-tuctd61d766&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsignin.aws.org%2Foauth2%2Fdefault%2Fv1%2Fauthorize%3Fclient_id%3D0oa9owvgzafo3rhRb696%26redirect_uri%3Dhttps%253A%252F%252Fmy.aws.org%252Fservice%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26code_challenge%3Dsu43QC6KqOfiK5rwvIxICRKBGgY2dQ1yeVA-LXmx0n0%26code_challenge_method%3DS256%26state%3DOpenIdConnect.AuthenticationProperties%253DzqHKDf69_C6EZBjd1ZhkrroCRxABDHbauhaOre_eRDOc2J51TB6_3FH56tj15PuObcuoiZzMHtg5r9vkNMEzXddlbrKwHjDfOHJutKXTZdWcHgC2hmehwZr5sRNhmrtRZlzk-lck67hlpE8bxI_NvGJxqWgKUHlgbgrtEeAE0y6_XZxSG1gRmHBNdMca4F5MaF1Zyu5TJThWJ71YrusEYl3a-xOz__kuP2heLYv4hB9kKXCZZ-9gEHVTouhgqhBw7yuepoBmtEVksoSFktedyw%26response_mode%3Dform_post%26nonce%3D638537095413535114.NGFhZDZjMDUtYWZhZC00ODE4LTgzMzYtMDVkODA2ZjNiMTllNDcxYzJhOGMtNGY3MC00M2NhLWFkOWEtYmVjZTgzZGJmZjg1%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.16.0.0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1609343/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Attribution-Reporting-Eligible: trigger
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://signin.aws.org
pragma: no-cache
date: Tue, 11 Jun 2024 13:32:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 fileStoreRecord
ok14static.oktacdn.com/bc/image/ 11 KB
13 KB 41ms
41ms Other
image/png 18.67.76.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/bc/image/fileStoreRecord?id=fs08tjdhptKUTiaPO697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS