34.202.146.220 Open in urlscan Pro
34.202.146.220 Public Scan

URL:
https://34.202.146.220/wellness
Submission: On July 13 via api (July 13th 2021, 7:51:10 am UTC) from DE

Summary HTTP 109 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 25 domains to perform 109 HTTP transactions. The main IP is 34.202.146.220, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 34.202.146.220.
TLS certificate: Issued by Amazon on May 28th 2021. Valid for: a year.

This is the only time 34.202.146.220 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	34.202.146.220 34.202.146.220	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:9e00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.99.14 13.224.99.14	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:219... 2600:9000:2190:c00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2.16.186.72 2.16.186.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	13.224.99.79 13.224.99.79	16509 (AMAZON-02) (AMAZON-02)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00:293::2c0c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	54.72.150.57 54.72.150.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:dc00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.99.9 13.224.99.9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	54.158.243.4 54.158.243.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	54.171.251.161 54.171.251.161	16509 (AMAZON-02) (AMAZON-02)
1 1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
2	3.226.4.134 3.226.4.134	14618 (AMAZON-AES) (AMAZON-AES)
109	41

20 34.202.146.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-146-220.compute-1.amazonaws.com

34.202.146.220	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-14.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2190:c00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.16.186.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-72.deploy.static.akamaitechnologies.com

abcnewsplayer-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.99.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-79.zrh50.r.cloudfront.net

s.abcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:293::2c0c (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.registerdisney.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.unid.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.150.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-150-57.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:dc00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-9.zrh50.r.cloudfront.net

abcnews.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

sw88.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

amp.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.243.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-243-4.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.251.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-251-161.eu-west-1.compute.amazonaws.com

global.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.4.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-4-134.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	akamaihd.net abcnewsplayer-a.akamaihd.net	366 KB
8	go.com 2 redirects cdn.registerdisney.go.com tredir.go.com Failed abcnews.go.com sw88.go.com cdn.unid.go.com	449 KB
7	googlesyndication.com 65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	49 KB
7	abcnews.com s.abcnews.com	282 KB
7	imrworldwide.com cdn-gl.imrworldwide.com secure-dcr.imrworldwide.com ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com global.imrworldwide.com	66 KB
6	google.com www.google.com adservice.google.com	21 KB
4	facebook.com 1 redirects www.facebook.com an.facebook.com Failed	699 B
4	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	117 KB
3	gstatic.com www.gstatic.com	291 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	33 KB
2	thrtle.com thrtle.com
2	exelator.com 1 redirects loadus.exelator.com load77.exelator.com	716 B
2	googleapis.com imasdk.googleapis.com	305 KB
2	akamaized.net amp.akamaized.net	638 B
2	google.de www.google.de adservice.google.de	273 B
2	facebook.net connect.facebook.net	99 KB
2	googletagmanager.com www.googletagmanager.com	69 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	2mdn.net s0.2mdn.net	17 KB
1	bluekai.com stags.bluekai.com	338 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagservices.com www.googletagservices.com	24 KB
0	goodmorningamerica.com Failed www.goodmorningamerica.com Failed
109	25

	Domain	Requested by
13	abcnewsplayer-a.akamaihd.net	34.202.146.220 abcnewsplayer-a.akamaihd.net
7	s.abcnews.com	34.202.146.220
5	www.google.com	34.202.146.220 cdn.registerdisney.go.com www.gstatic.com tpc.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net srcdoc tpc.googlesyndication.com
4	www.facebook.com	1 redirects 34.202.146.220
3	www.gstatic.com	www.google.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	cdn.registerdisney.go.com	34.202.146.220 cdn.registerdisney.go.com
3	cdn-gl.imrworldwide.com	34.202.146.220 cdn-gl.imrworldwide.com
3	sb.scorecardresearch.com	1 redirects 34.202.146.220
2	thrtle.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	imasdk.googleapis.com	abcnewsplayer-a.akamaihd.net imasdk.googleapis.com
2	amp.akamaized.net	abcnewsplayer-a.akamaihd.net
2	cdn.unid.go.com	1 redirects 34.202.146.220
2	sw88.go.com	1 redirects 34.202.146.220
2	secure-dcr.imrworldwide.com	34.202.146.220
2	connect.facebook.net	34.202.146.220 connect.facebook.net
2	static.chartbeat.com	34.202.146.220 abcnewsplayer-a.akamaihd.net
2	www.googletagmanager.com	34.202.146.220 www.googletagmanager.com
1	load77.exelator.com
1	loadus.exelator.com	1 redirects
1	global.imrworldwide.com
1	ping.chartbeat.net
1	s0.2mdn.net	imasdk.googleapis.com
1	stags.bluekai.com	tags.bkrtx.com
1	65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	34.202.146.220
1	googleads.g.doubleclick.net	www.googleadservices.com
1	abcnews.go.com	34.202.146.220
1	tags.bkrtx.com	34.202.146.220
1	ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com	34.202.146.220
1	www.googleadservices.com	www.googletagmanager.com
1	mab.chartbeat.com	static.chartbeat.com
1	www.googletagservices.com	34.202.146.220
0	an.facebook.com Failed	s.abcnews.com
0	tredir.go.com Failed	34.202.146.220
0	www.goodmorningamerica.com Failed	34.202.146.220
109	40

This site contains links to these domains. Also see Links.

Domain
privacy.thewaltdisneycompany.com
preferences-mgr.truste.com
disneytermsofuse.com
abcnews.go.com
www.goodmorningamerica.com
disneyadsales.com
www.nielsen.com
abcnewspr.tumblr.com
abc.go.com

Subject Issuer	Validity	Valid
goodmorningamerica.com Amazon	`2021-05-28` - `2022-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
s.abcnews.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
cdn.registerdisney.go.com Entrust Certification Authority - L1K	`2021-02-15` - `2022-02-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
abcnews.go.com Amazon	`2021-01-23` - `2022-02-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sw88.go.com DigiCert SHA2 High Assurance Server CA	`2020-10-28` - `2021-11-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
1605158521.rsc.cdn77.org R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://34.202.146.220/wellness
Frame ID: 2FBF44CF138DDBF4ACC624DA60D0FAD6
Requests: 89 HTTP requests in this frame

Frame: https://cdn.registerdisney.go.com/v2/DATG-GOODMORNINGAMERICAWEB.WEB-PROD/en-US?include=config,l10n,js,html&?clientID=DATG-GOODMORNINGAMERICAWEB.WEBscheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
Frame ID: 0E69B6E3E336A4CC2411959A9F8F139D
Requests: 3 HTTP requests in this frame

Frame: https://34.202.146.220/responder?clientId=DATG-GOODMORNINGAMERICAWEB.WEB-PROD&scheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&langPref=en-US&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
Frame ID: 37676D1E98C04AE3C881511E8DBCBE18
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 26F647D8FEE42544BDFD99D9D7291648
Requests: 6 HTTP requests in this frame

Frame: https://65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F1E4F460B87FAC403839762E6C823278
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&co=aHR0cHM6Ly9jZG4ucmVnaXN0ZXJkaXNuZXkuZ28uY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=s6s9yrj67u6x
Frame ID: F5156CC76069D79AE2837FD05E09E8CB
Requests: 4 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/25193?ret=html&phint=prop4%3D&phint=prop5%3DIndex&phint=prop15%3DREDACTED&phint=eVar2%3Dfalse&phint=eVar20%3D&phint=channel%3D&phint=__bk_t%3DHealthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&phint=__bk_k%3DGMA&phint=__bk_l%3DREDACTED&phint=__bk_v%3D3.1.10&phint=__bk_rd%3D4&limit=10&r=66259040
Frame ID: 5D9D0EA2573AF57DFF4A679508DBB908
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.2_en.html
Frame ID: 57407C1CC9C9AE6C771646E64F591692
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8B4B281D07E9472FB0DA75129789631C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 96B517006AB7BA4CF16C28F34A8E206A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D4410FFC626D3CB534C49B9593C796B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

109
Requests

73 %
HTTPS

63 %
IPv6

25
Domains

40
Subdomains

41
IPs

4
Countries

2867 kB
Transfer

9119 kB
Size

12
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://privacy.thewaltdisneycompany.com/en/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.thewaltdisneycompany.com/en/current-privacy-policy/your-california-privacy-rights/
Title: Your CA Privacy Rights

Search URL Search Domain Scan URL

URL: https://privacy.thewaltdisneycompany.com/en/for-parents/childrens-online-privacy-policy/
Title: Children's Online Privacy Policy

Search URL Search Domain Scan URL

URL: http://preferences-mgr.truste.com/?type=abcnews&affiliateid=11
Title: Interest-Based Ads

Search URL Search Domain Scan URL

URL: https://disneytermsofuse.com/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://privacy.thewaltdisneycompany.com/en/dnsmi/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://abcnews.go.com/site/page?id=3068843
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.goodmorningamerica.com/news/story/check-latest-gma-contest-campaigns-54593523
Title: Contests

Search URL Search Domain Scan URL

URL: https://disneyadsales.com/our-brands/abc-news/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: http://preferences-mgr.truste.com/?type=abcnews&affiliateId=11
Title: Interest-Based Ads

Search URL Search Domain Scan URL

URL: https://www.nielsen.com/digitalprivacy
Title: About Nielsen Measurement

Search URL Search Domain Scan URL

URL: https://abcnewspr.tumblr.com/
Title: Press

Search URL Search Domain Scan URL

URL: http://abcnews.go.com/Site/page?id=3068843
Title: Feedback

Search URL Search Domain Scan URL

URL: http://abcnews.go.com/
Title: ABC News

Search URL Search Domain Scan URL

URL: http://abc.go.com/
Title: ABC

Search URL Search Domain Scan URL

URL: https://www.goodmorningamerica.com/sitemap.xml
Title: Sitemap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220%2Fwellness&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220%2Fwellness&c9=

Request Chain 43

https://www.facebook.com/tr/?id=628013377545201&ev=ViewContent&dl=https%3A%2F%2F34.202.146.220%2Fwellness&rl=&if=false&ts=1626162652474&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&it=1626162652282&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2F34.202.146.220%2Fwellness&ec=1&ev=ViewContent&id=628013377545201&if=false&it=1626162652282&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1626162652474&v=2.9.43

Request Chain 67

https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB463A-2C0363020372B704&ce=UTF-8&ns=gma&pageName=https%3A%2F%2F34.202.146.220%2Fwellness&g=https%3A%2F%2F34.202.146.220%2Fwellness&events=event2&c1=GMA&c2=Guest%20%7C%20&v2=Guest%20%7C%20&c3=WDGNEWWDGNEWGMAWEB&v3=WDGNEWWDGNEWGMAWEB&c5=Index&c6=ABC%20News%20%2F%20GMA&c12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&v12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c15=https%3A%2F%2F34.202.146.220%2Fwellness&v15=https%3A%2F%2F34.202.146.220%2Fwellness&c16=https%3A%2F%2F34.202.146.220%2Fwellness&v16=https%3A%2F%2F34.202.146.220%2Fwellness&c18=New&c20=DESKTOP&c23=GMA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&pccr=true&vidn=3076A2EEF25DD5DF-60000A20750FB6E4&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB463A-2C0363020372B704&ce=UTF-8&ns=gma&pageName=https%3A%2F%2F34.202.146.220%2Fwellness&g=https%3A%2F%2F34.202.146.220%2Fwellness&events=event2&c1=GMA&c2=Guest%20%7C%20&v2=Guest%20%7C%20&c3=WDGNEWWDGNEWGMAWEB&v3=WDGNEWWDGNEWGMAWEB&c5=Index&c6=ABC%20News%20%2F%20GMA&c12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&v12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c15=https%3A%2F%2F34.202.146.220%2Fwellness&v15=https%3A%2F%2F34.202.146.220%2Fwellness&c16=https%3A%2F%2F34.202.146.220%2Fwellness&v16=https%3A%2F%2F34.202.146.220%2Fwellness&c18=New&c20=DESKTOP&c23=GMA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 71

https://cdn.unid.go.com/js/unid.min.js HTTP 302
https://cdn.unid.go.com/denied/unid.denied.js

Request Chain 107

https://loadus.exelator.com/getid?p=1480&g=1&j=0&asid=PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3 HTTP 302
https://load77.exelator.com/pixel.gif

109 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wellness Show response
34.202.146.220/ 9 KB
3 KB 311ms
105ms Document
text/html 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: d1c816ee5b3a8e27baa22fce7518abe51af4108d2b95d5ff4e99244ad6c8656c

Request headers

:method: GET
:authority: 34.202.146.220
:scheme: https
:path: /wellness
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:51 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
server: nginx/1.12.1
vary: Origin
cache-control: public, s-maxage=60, max-age=60
content-encoding: gzip

GET
H2 200 manifest.536fdcf12891db5ac3f4.js Show response
34.202.146.220/static/gmaVue/js/ 3 KB
2 KB 104ms
102ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/manifest.536fdcf12891db5ac3f4.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 7e25751afa236a0546e54720d5a1f39fb4e6ee383af2d0fb120e03421d67e389

Request headers

:path: /static/gmaVue/js/manifest.536fdcf12891db5ac3f4.js
pragma: no-cache
cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-c42"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=hOFuE43SddbsTETL9KSd1ZQOPRJbtdkxORJBPTXp5nR/LmUBhA7wwp8UqMeeh7khsvMl/yikS1qrCU3+PrRnLbWAxgGiaLjh7j9F59d6sJHQJOfV7nAzy0Thw2VT; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=hOFuE43SddbsTETL9KSd1ZQOPRJbtdkxORJBPTXp5nR/LmUBhA7wwp8UqMeeh7khsvMl/yikS1qrCU3+PrRnLbWAxgGiaLjh7j9F59d6sJHQJOfV7nAzy0Thw2VT; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js Show response
34.202.146.220/static/gmaVue/js/ 219 KB
82 KB 110ms
108ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 2b85155f16582fa8784c33fe907acb35a2d5e3b4aece94e6be2b5eca5081f901

Request headers

:path: /static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
pragma: no-cache
cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-36a2a"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=CbgQIfCwU9Li7RTTcuMOg7ypK0cz5QorXUXPug1s9eSUWE3GIqmSjBNFvYVBE9gimpJ4VJffKIKFJxE+tzwZkdyMVJIWZGABiRenYZYtetHSfN2TUk6YD3J+B22X; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=CbgQIfCwU9Li7RTTcuMOg7ypK0cz5QorXUXPug1s9eSUWE3GIqmSjBNFvYVBE9gimpJ4VJffKIKFJxE+tzwZkdyMVJIWZGABiRenYZYtetHSfN2TUk6YD3J+B22X; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~app.6d7bb66528e3bbc9cfe1.js Show response
34.202.146.220/static/gmaVue/js/ 109 KB
33 KB 351ms
350ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/vendors~app.6d7bb66528e3bbc9cfe1.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a2461a68ef27e630942b976d6368fd7b60d50abad81285eacc4a383619674f02

Request headers

:path: /static/gmaVue/js/vendors~app.6d7bb66528e3bbc9cfe1.js
pragma: no-cache
cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-1b340"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=n6s2FX6nEzoVz+7jpkhRv7zYWrBTmoLbOF+0PWOjA470O/fK33R/+GstgTKQwZWnpEcbqRm9oiVBfmmzv3HPYjSZNbObBtK/sGqt6Q61MXfh2fCXO6ya+Q9D0qmU; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=n6s2FX6nEzoVz+7jpkhRv7zYWrBTmoLbOF+0PWOjA470O/fK33R/+GstgTKQwZWnpEcbqRm9oiVBfmmzv3HPYjSZNbObBtK/sGqt6Q61MXfh2fCXO6ya+Q9D0qmU; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.a5e717a2916304ebef81.js Show response
34.202.146.220/static/gmaVue/js/ 409 KB
104 KB 194ms
193ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 21abdc6b09e132530557ccb094f848a42034c37fca1ddd080ee62f2c106ffeeb

Request headers

:path: /static/gmaVue/js/app.a5e717a2916304ebef81.js
pragma: no-cache
cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-66243"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=c7xci6v9JSzsJ/We1NuvIDboJBHFbOEgO8xesfCXIs33VaXbxxE7Mj3VsMks3olO4zQl5DxbA+3ICP0mtIjVItmYFO4Jc58vwCoTx+tDD1CVHMrbNP4hkaD2iwxl; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=c7xci6v9JSzsJ/We1NuvIDboJBHFbOEgO8xesfCXIs33VaXbxxE7Mj3VsMks3olO4zQl5DxbA+3ICP0mtIjVItmYFO4Jc58vwCoTx+tDD1CVHMrbNP4hkaD2iwxl; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET TheinhardtRegular-Regular.woff2
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Regular/ 0
0

GET TheinhardtRegular-Regular.woff
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Regular/ 0
0

GET TheinhardtBold-Regular.woff2
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Bold/ 0
0

GET TheinhardtBold-Regular.woff
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Bold/ 0
0

GET TheinhardtLight-Regular.woff2
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Light/ 0
0

GET TheinhardtLight-Regular.woff
www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Light/ 0
0

GET
H2 200 app.09bb9e476813235e749e.css
34.202.146.220/static/gmaVue/css/ 407 KB
72 KB 350ms
349ms Stylesheet
text/css 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 702b04dc37284fd4e3884ca1e0a3b98674e048d32ad954d90486c26d334e76d2

Request headers

:path: /static/gmaVue/css/app.09bb9e476813235e749e.css
pragma: no-cache
cookie: AWSALB=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn; AWSALBCORS=AEZwrUhjify7kdWFKoQbxY1LeVVyxE38TGeUpEQBUL1IjlOCiae/CNVojvvpKQHH4D0/6uOyLl1lHXL2h7xEaCtOtIrzQlyFzW97Shf6RvGHRrtLlTqGL3AcJ9cn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-65af7"
content-type: text/css
cache-control: max-age=315360000 public
set-cookie: AWSALB=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/ AWSALBCORS=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH; Expires=Tue, 20 Jul 2021 07:50:51 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d7246bd7c762d681724c43573e6ae21ac9d8373dc950573650cad1098739d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "928 / 107 of 1000 / last-modified: 1626127699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24100
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4139589

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

780dfc714eef67c4041fd6ff8b617abbd7111d0cb84b7ee419c2c4f2bdd6282f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34787
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 41ms
12ms Script
application/x-javascript 2600:9000:2190:9e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:48:32 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 15:47:37 GMT
server: nginx
age: 140
etag: W/"60e71e19-5a0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gDQzqbr09ixb6Z0C-oivG3XA8-FkDfKM7ruA4UaciSSGP9aY2uqlJQ==
expires: Tue, 13 Jul 2021 09:48:32 GMT

GET
H2 200 1.8b9f352a20b8c283b119.js
34.202.146.220/static/gmaVue/js/ 0
19 KB 105ms
104ms Other
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/1.8b9f352a20b8c283b119.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: AWSALB=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH; AWSALBCORS=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH
:path: /static/gmaVue/js/1.8b9f352a20b8c283b119.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-eb9c"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=SnJ4rLT+kJo7+FvfX07nBZSKPqc4KDLrdQZ8WkDkp+5kgxsZguCeT6ClXhHJYSxJVXImPqalR77CwmUqsnLtbnO40pQNyhNee8Jgly2vZi3E+8y5Klz20ACFY8z6; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=SnJ4rLT+kJo7+FvfX07nBZSKPqc4KDLrdQZ8WkDkp+5kgxsZguCeT6ClXhHJYSxJVXImPqalR77CwmUqsnLtbnO40pQNyhNee8Jgly2vZi3E+8y5Klz20ACFY8z6; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 omniture.fefa1e13f993d6f0dfbf.js
34.202.146.220/static/gmaVue/js/ 0
38 KB 108ms
107ms Other
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/omniture.fefa1e13f993d6f0dfbf.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: AWSALB=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH; AWSALBCORS=hg5hqQNssljku9wHkeuAk5tK15eyhWyPeylixGw/mpD++ioP4XvLZ/c+Q6JrM2dUB7Xh+RV8zSED//UGjJLTmztkUpb1RcaVnntMIwHKH7un0rMB+wJWEDe/LwYH
:path: /static/gmaVue/js/omniture.fefa1e13f993d6f0dfbf.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-1aa4d"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 125ms
41ms Script
application/javascript 13.224.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-14.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:25:52 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: AY-n0mA2o6IvtRSgp1qhnIby2vVxxY3-bIxdjBCYuDHXr-fBygfTGw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 30ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: +r4SgSTMfSiESdvjyil8vj+xc5TmN5s+u+5OWEk0Hxnl+WG1XGe1Aq3e/yMe30dqcmo3BiD81698Ew/BNE4i+w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 13 Jul 2021 07:50:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3.js Show response
cdn-gl.imrworldwide.com/conf/ 29 KB
7 KB 44ms
12ms Script
application/javascript 2600:9000:2190:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ece762b8ee18837f9e48b0d7ad709cedb475610c41ca0d8ed9d6a4f61a62af6c

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4Z5q1jVYY54IRZrw8XChi8J7PbS9vndz
content-encoding: gzip
etag: W/"dd71428180290f5ed6e3ad93d0d0ce47"
last-modified: Mon, 12 Jul 2021 15:18:14 GMT
server: AmazonS3
age: 643
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Tue, 13 Jul 2021 07:40:10 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: rUxNmNU0BP_U8WhbCYSYTPMYn1FcX811-NkIebGxBO8x-o5mtb2-NA==

GET
H/1.1 200
OK amp.premier.min.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/ 530 KB
117 KB 156ms
79ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1b1fb74a730d7d57f1b3728be92d2f87f3d4f6424292614352916875b1f4b18a

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:52 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "57e9fa92a12647bcd06c428e7976e4f7:1614892777.293705"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=59074
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding

GET
H2 200 FBAN_v2_4.js Show response
s.abcnews.com/assets/js/ 3 KB
1 KB 123ms
40ms Script
application/javascript 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.abcnews.com/assets/js/FBAN_v2_4.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b26cb850a6364a3149bb15761631a864776cc7f3b4b43ba0f7503467bb7160c5

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 24 Dec 2018 19:16:05 GMT
server: AmazonS3
age: 2051
etag: W/"86961ac869e2ca6cf6d1369018475718"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
date: Tue, 13 Jul 2021 07:45:34 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vmWJ7WaPbDr8LqLVUCbN4slbRkUArZWpMbxFmqU6_01XNheVr-ehaA==
x-amz-meta-mtime: 1491852649

GET
H2 200 DisneyID.js Show response
cdn.registerdisney.go.com/v2/outer/ 266 KB
76 KB 24ms
6ms Script
application/javascript 2a02:26f0:6c00:293::2c0c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.registerdisney.go.com/v2/outer/DisneyID.js?clientID=DATG-GOODMORNINGAMERICAWEB.WEB
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::2c0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0bd792bd6a8737a6a9d48e5dec0e9e965c38952f466bc93e6fdd5311466e2a1e

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 18:24:28 GMT
etag: "31cc4582c2d7c39bb74a85311acf766f222957f9-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=900, must-revalidate, public
accept-ranges: bytes
content-length: 76989

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e17dfb533f166cb326da4032cb934cd694add5de7aa100f9aec6258051820105

Request headers

Origin: https://34.202.146.220
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 wellness Show response
34.202.146.220/v1/collection/index/ 737 KB
107 KB 169ms
168ms XHR
application/json 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/v1/collection/index/wellness
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: b43321f3a7184b4dce8f1b8a85d62bf6f61324520f6e1582e0d023fce742bb4f

Request headers

:path: /v1/collection/index/wellness
pragma: no-cache
cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
server: nginx/1.12.1
etag: W/"gXDLpP0xs9MyUtB3yKmqsA=="
vary: Origin
content-type: application/json;charset=UTF-8
cache-control: public, s-maxage=60, max-age=60
set-cookie: AWSALB=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure

GET
H2 200 gma-global-navigation Show response
34.202.146.220/v1/vue/components/ 38 KB
9 KB 105ms
105ms XHR
application/json 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/v1/vue/components/gma-global-navigation
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e0aedaae70941a7d427a362d41e87cbfc760ea3cd8b129bc096b6e54b9f44b31

Request headers

:path: /v1/vue/components/gma-global-navigation
pragma: no-cache
cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 07:50:52 GMT
server: nginx/1.12.1
vary: Origin
content-type: application/json;charset=UTF-8
cache-control: public, s-maxage=600, max-age=600
set-cookie: AWSALB=dtN3NluRRyoJ2nzjhUouvTfZYQvfI2iMExuq/rOxL34NbL+4y4LKEb6F4YEw4ZN4ohYdWiqFnoz9gJpG9Vir+5z2TCoQbfBXSpK/q/1bxNHGBL/gufi17uYD70gz; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=dtN3NluRRyoJ2nzjhUouvTfZYQvfI2iMExuq/rOxL34NbL+4y4LKEb6F4YEw4ZN4ohYdWiqFnoz9gJpG9Vir+5z2TCoQbfBXSpK/q/1bxNHGBL/gufi17uYD70gz; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
expires: 600

GET
H2 200 gma-global-banner Show response
34.202.146.220/v1/vue/components/ 315 B
763 B 105ms
105ms XHR
application/json 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/v1/vue/components/gma-global-banner
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6981cd7233abb47965d2f4676aa914a9ce425a48992aa7f40080e19f08b38edb

Request headers

:path: /v1/vue/components/gma-global-banner
pragma: no-cache
cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 11:35:34 GMT
server: nginx/1.12.1
vary: Origin
content-type: application/json;charset=UTF-8
cache-control: public, s-maxage=600, max-age=600
set-cookie: AWSALB=jOgxwtQX7zBZuK65td+Mt70CudJv7ekoj3qm71urhZ5BVjy2M/XTIqtU3leX8p7aIgxzALqr+XLIhhMevgoN6oLJCdENpCpnCFwwqeAr8SluKhk4J45Hyf9HTvmC; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=jOgxwtQX7zBZuK65td+Mt70CudJv7ekoj3qm71urhZ5BVjy2M/XTIqtU3leX8p7aIgxzALqr+XLIhhMevgoN6oLJCdENpCpnCFwwqeAr8SluKhk4J45Hyf9HTvmC; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure

GET
H2 200 gma-global-footer Show response
34.202.146.220/v1/vue/components/ 2 KB
1 KB 105ms
105ms XHR
application/json 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/v1/vue/components/gma-global-footer
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: d3ccb9b4e53fff0d7d4e8c4886e8bde12c05e34da883ba1b009e8f110d0894e5

Request headers

:path: /v1/vue/components/gma-global-footer
pragma: no-cache
cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 07:50:52 GMT
server: nginx/1.12.1
vary: Origin
content-type: application/json;charset=UTF-8
cache-control: public, s-maxage=600, max-age=600
set-cookie: AWSALB=u9+dG1gQ9007UY58YFundmNmsqZHaEKv1+28c+yD9tQQxWWaSmTyjXyjZWosPQkr+1G7+Gr6lH2egyswymLBy7RgG5SSDLlQl4CbllJqISxADMIEgzUO35c72abe; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=u9+dG1gQ9007UY58YFundmNmsqZHaEKv1+28c+yD9tQQxWWaSmTyjXyjZWosPQkr+1G7+Gr6lH2egyswymLBy7RgG5SSDLlQl4CbllJqISxADMIEgzUO35c72abe; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
expires: 600

GET GetDE
tredir.go.com/capmon/ 0
0

GET
H2 200 TheinhardtBold-Regular.woff2
34.202.146.220/static/assets/fonts/Theinhardt_Bold/ 28 KB
29 KB 104ms
103ms Font
application/octet-stream 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/assets/fonts/Theinhardt_Bold/TheinhardtBold-Regular.woff2
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 11a7e41f82de9046f0929cdfade98552d0d38bf0f290f4b5c94a7a5944661b25

Request headers

sec-fetch-mode: cors
origin: https://34.202.146.220
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AWSALB=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53; AWSALBCORS=9F3Xa4VfdasEm3o1VBJoaILzdDLIUqHe9k6dFrz6WbPnF1YVN6IKLmKLF/GHj22015fR9ZCbYv5nRKwdAYE2KQDRCLNVps/ZGKPiuGAh9tNJoKyCl2W9chmlJn53
:path: /static/assets/fonts/Theinhardt_Bold/TheinhardtBold-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 34.202.146.220
referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://34.202.146.220
Referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: "60d45b04-71fc"
content-type: application/octet-stream
cache-control: max-age=315360000 public
set-cookie: AWSALB=JXnObB+71IxWGnz+w6HHZ26S0TyGOixO8XnVCyMIOrY4rrG02VUqoG2Nr4aBWqnStPNKZzUdkJlp2Izvv/HjBCcRoHmjrCcFqhUVLlCGAZJIyRlRx0kH0MTyGzsN; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=JXnObB+71IxWGnz+w6HHZ26S0TyGOixO8XnVCyMIOrY4rrG02VUqoG2Nr4aBWqnStPNKZzUdkJlp2Izvv/HjBCcRoHmjrCcFqhUVLlCGAZJIyRlRx0kH0MTyGzsN; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 29180
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl_2021070701.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 104ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 08:38:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117051
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
706 B 103ms
38ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=34.202.146.220

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

fdca261ee1cb374c70309800109c539fe5af6ca496eef062b5fd851abf8626d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 192 KB
54 KB 15ms
14ms Script
application/javascript 2600:9000:2190:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .6i.Bs5E9x1m.2d09i7OXpREHjKip94r
content-encoding: gzip
etag: W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified: Tue, 06 Jul 2021 14:06:25 GMT
server: AmazonS3
age: 2659
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 13 Jul 2021 07:06:33 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: pxAfNHvN2512JrYs9sPTvgFKMwH9ZS9sZYZunD_UFtLeeLPoXuZtWg==

GET
H3-29 200 628013377545201 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/628013377545201?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5529cef0c1adda6f0aee55d1abdce3b7062ae03dbfce613c2b82829fc1dbbbb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76077
x-xss-protection: 0
pragma: public
x-fb-debug: 2ypZw1jTOqL0t5iZlnbHLd2xTInFeb27dbsWeVxg34TybIV3bwS3/Yzxr7RK/VcaiuIQq6+Ae83dBAlXdoZ7/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-frame-options: DENY
date: Tue, 13 Jul 2021 07:50:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220%...
https://sb.scorecardresearch.com/b2?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220...

64 B
331 B

51ms
51ms

Image
image/gif

13.224.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220%2Fwellness&c9=
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-14.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: b3CKnl3NwR4kYOAFrEKQuk-VPdLyCJBUgGxrEQ-V8gaDxA1O7Jpd-g==

Redirect headers

date: Tue, 13 Jul 2021 07:50:52 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15382676&ns__t=1626162652292&ns_c=UTF-8&cv=3.5&c8=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c7=https%3A%2F%2F34.202.146.220%2Fwellness&c9=
content-length: 234
x-amz-cf-id: PzNobETXEHx8bxnfV0SmF5SNmD40P3Zd8dxGlJEJMMVEsz44XQ1kDQ==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 175 B
501 B 121ms
105ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=goodmorningamerica.com&domain=34.202.146.220&path=%2Fwellness
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9801373a6bbfc6a748fa392e749c70434962edd65913f068f302061cd8db9c84

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 148
x-served-by: cache-fra19180-FRA
access-control-allow-origin: *
x-timer: S1626162652.309642,VS0,VE99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 11 Jul 2021 07:50:52 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 20ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1010108458&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4139589

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

482b1070ed8fee6e694d3100edbe25a077de63e0c1a9b3caad88158ad1b6a7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35918
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 78754188 Show response
34.202.146.220/v1/article/story/ 26 KB
5 KB 110ms
110ms XHR
application/json 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/v1/article/story/78754188
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 598781e4a053b14d9afaa888584a046bf907d17d194e2562333ece606f70ef85

Request headers

:path: /v1/article/story/78754188
pragma: no-cache
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=JXnObB+71IxWGnz+w6HHZ26S0TyGOixO8XnVCyMIOrY4rrG02VUqoG2Nr4aBWqnStPNKZzUdkJlp2Izvv/HjBCcRoHmjrCcFqhUVLlCGAZJIyRlRx0kH0MTyGzsN; AWSALBCORS=JXnObB+71IxWGnz+w6HHZ26S0TyGOixO8XnVCyMIOrY4rrG02VUqoG2Nr4aBWqnStPNKZzUdkJlp2Izvv/HjBCcRoHmjrCcFqhUVLlCGAZJIyRlRx0kH0MTyGzsN
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 09:19:07 GMT
server: nginx/1.12.1
vary: Origin
content-type: application/json;charset=UTF-8
cache-control: public, s-maxage=60, max-age=60
set-cookie: AWSALB=1wN6jNQDdmHyLjnMW9+ngXNMKHHvgD5al0J0/ieuRjhMd5ejLbULx4n6kYhp28QwJUDgsQ9Gj3gZpdn5K5xCnz7hFDKLKSSgbbhsgTL8a7rf+b/laOxyAFurL82O; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=1wN6jNQDdmHyLjnMW9+ngXNMKHHvgD5al0J0/ieuRjhMd5ejLbULx4n6kYhp28QwJUDgsQ9Gj3gZpdn5K5xCnz7hFDKLKSSgbbhsgTL8a7rf+b/laOxyAFurL82O; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure

GET
H2 200 en-US Show response
cdn.registerdisney.go.com/v2/DATG-GOODMORNINGAMERICAWEB.WEB-PROD/ Frame 0E69 1 MB
335 KB 7ms
6ms Document
text/html 2a02:26f0:6c00:293::2c0c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.registerdisney.go.com/v2/DATG-GOODMORNINGAMERICAWEB.WEB-PROD/en-US?include=config,l10n,js,html&?clientID=DATG-GOODMORNINGAMERICAWEB.WEBscheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
Requested by: Host: cdn.registerdisney.go.com
URL: https://cdn.registerdisney.go.com/v2/outer/DisneyID.js?clientID=DATG-GOODMORNINGAMERICAWEB.WEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::2c0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 337c049cdb13e83c45cb6a117c15232994586c7130f7547c73138346f50d03af

Request headers

:method: GET
:authority: cdn.registerdisney.go.com
:scheme: https
:path: /v2/DATG-GOODMORNINGAMERICAWEB.WEB-PROD/en-US?include=config,l10n,js,html&?clientID=DATG-GOODMORNINGAMERICAWEB.WEBscheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

content-type: text/html; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
etag: "15deed-nVSCAnKnhGSmqjcNCj8dx5iTlCc-gzip"
cache-control: max-age=900, must-revalidate, public
content-encoding: gzip
date: Tue, 13 Jul 2021 07:50:52 GMT
content-length: 342454
vary: Accept-Encoding
access-control-allow-origin: *

GET
H2 200 responder Show response
34.202.146.220/ Frame 3767 320 B
724 B 104ms
104ms Document
text/html 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/responder?clientId=DATG-GOODMORNINGAMERICAWEB.WEB-PROD&scheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&langPref=en-US&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
Requested by: Host: cdn.registerdisney.go.com
URL: https://cdn.registerdisney.go.com/v2/outer/DisneyID.js?clientID=DATG-GOODMORNINGAMERICAWEB.WEB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 07594b76de34df28ee24e212b23b68ebcda41adae89672179c020191c4784a4a

Request headers

:method: GET
:authority: 34.202.146.220
:scheme: https
:path: /responder?clientId=DATG-GOODMORNINGAMERICAWEB.WEB-PROD&scheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&langPref=en-US&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/wellness
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT; AWSALBCORS=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/wellness

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=RL/aN0zsiduMllUtJvnpN+zGDaWm2BTW2fUPVT7iFYbRtKS84QE3e3Ntd92d4qEUBktR48wcD8mpZBjWDnHLcxfOx+aPmyZwAZAzVSQQEH2Jpd9h0v6dMj+xjNWh; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=RL/aN0zsiduMllUtJvnpN+zGDaWm2BTW2fUPVT7iFYbRtKS84QE3e3Ntd92d4qEUBktR48wcD8mpZBjWDnHLcxfOx+aPmyZwAZAzVSQQEH2Jpd9h0v6dMj+xjNWh; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
server: nginx/1.12.1
cache-control: public, s-maxage=180000, max-age=180000
content-encoding: gzip

GET
H2 200 TheinhardtLight-Regular.woff2
34.202.146.220/static/assets/fonts/Theinhardt_Light/ 29 KB
29 KB 104ms
103ms Font
application/octet-stream 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/assets/fonts/Theinhardt_Light/TheinhardtLight-Regular.woff2
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a4ae9bb25df5d933d9a027ca44ff2dcb84a3543c90f5989967f1fd887e6c0280

Request headers

sec-fetch-mode: cors
origin: https://34.202.146.220
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT; AWSALBCORS=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT
:path: /static/assets/fonts/Theinhardt_Light/TheinhardtLight-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 34.202.146.220
referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://34.202.146.220
Referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: "60d45b04-72a4"
content-type: application/octet-stream
cache-control: max-age=315360000 public
set-cookie: AWSALB=E4fvS0VVWrooh48+SnZPpa/31Qb0qT3J9VT7nMpAi5RdXoe56+OOZESVlkMYR9iVjF1ceaOW9tqH+G4CYjFGbtuSYS2QBvS8ix7YooJRjwu83DLFieWxazcSS3xG; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=E4fvS0VVWrooh48+SnZPpa/31Qb0qT3J9VT7nMpAi5RdXoe56+OOZESVlkMYR9iVjF1ceaOW9tqH+G4CYjFGbtuSYS2QBvS8ix7YooJRjwu83DLFieWxazcSS3xG; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 29348
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TheinhardtRegular-Regular.woff2
34.202.146.220/static/assets/fonts/Theinhardt_Regular/ 29 KB
29 KB 106ms
105ms Font
application/octet-stream 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/assets/fonts/Theinhardt_Regular/TheinhardtRegular-Regular.woff2
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 5ba10a03fd15efa1a2e59b472c721091b8eb2f5101d66381bac7c87e2cc862df

Request headers

sec-fetch-mode: cors
origin: https://34.202.146.220
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT; AWSALBCORS=k4Mv8R/nDc+yabzg8HNkXrSiUxnDw58k35jsmxMoT/IXB304mQo9fMJ1QiyAicJt75mogLyAGJkYNy2f8xYhuru9vcWu7yz4oxWr0Gi4az0g+mVmcNn8Fy4zS/xT
:path: /static/assets/fonts/Theinhardt_Regular/TheinhardtRegular-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 34.202.146.220
referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://34.202.146.220
Referer: https://34.202.146.220/static/gmaVue/css/app.09bb9e476813235e749e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: "60d45b04-72cc"
content-type: application/octet-stream
cache-control: max-age=315360000 public
set-cookie: AWSALB=gVTFtkzgCZg0s1h0DQGP7YAjlStqb2+IeLFhxRUQMjwEzQ87hKO5FjI2diAdJFrOzjcrnO+0yhRtihVb5KhtDlLrOeoKnR9TUYMa78Cv62+qYh7qvtEGXqqD5YoT; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=gVTFtkzgCZg0s1h0DQGP7YAjlStqb2+IeLFhxRUQMjwEzQ87hKO5FjI2diAdJFrOzjcrnO+0yhRtihVb5KhtDlLrOeoKnR9TUYMa78Cv62+qYh7qvtEGXqqD5YoT; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 29388
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 26F6 12 KB
4 KB 12ms
11ms Document
text/html 2600:9000:2190:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

content-type: text/html
last-modified: Tue, 06 Jul 2021 14:06:24 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TxpWXQUHATxp36qO.r6EdzVZ2u47hdPM
server: AmazonS3
content-encoding: gzip
date: Tue, 13 Jul 2021 07:20:57 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: APhJT63sfW5srolpkTDyAlJA9dCJe_ScXWrXIdsUb4TVRPJCooApMA==
age: 5394

GET
H2 200 /
www.facebook.com/tr/ 44 B
159 B 21ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628013377545201&ev=PageView&dl=https%3A%2F%2F34.202.146.220%2Fwellness&rl=&if=false&ts=1626162652470&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&it=1626162652282&coo=false&rqm=GET

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H3-29

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=628013377545201&ev=ViewContent&dl=https%3A%2F%2F34.202.146.220%2Fwellness&rl=&if=false&ts=1626162652474&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&it=1626162652282&...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2F34.202.146.220%2Fwellness&ec=1&ev=ViewContent&id=628013377545201&if=false&it=1626162652282&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=16...

44 B
88 B

8ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2F34.202.146.220%2Fwellness&ec=1&ev=ViewContent&id=628013377545201&if=false&it=1626162652282&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1626162652474&v=2.9.43

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 13 Jul 2021 07:50:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:52 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2F34.202.146.220%2Fwellness&ec=1&ev=ViewContent&id=628013377545201&if=false&it=1626162652282&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1626162652474&v=2.9.43
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

POST prebid.json
an.facebook.com/v1/ 0
0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 39ms
39ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1010108458&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
server: cafe
etag: 8394079078796230488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H2 200 responder.js Show response
cdn.registerdisney.go.com/v2/responder/ Frame 3767 98 KB
32 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:293::2c0c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.registerdisney.go.com/v2/responder/responder.js?clientID=DATG-GOODMORNINGAMERICAWEB.WEB
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/responder?clientId=DATG-GOODMORNINGAMERICAWEB.WEB-PROD&scheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&langPref=en-US&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::2c0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6818ee7b403430075ab6bba5d55a66a7b831766d1a58c67dc2a2514ef97f71a5

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 18:22:58 GMT
etag: "c4a0e50360cc13e99c21dacef4ea890a18060b1b-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=900, must-revalidate, public
accept-ranges: bytes
content-length: 32347

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 26F6 44 B
530 B 168ms
53ms Image
image/gif 54.72.150.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3&sessionId=ka4w78h0iorfodefuf99lcadeez8t1626162652&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.150.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-150-57.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:52 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com/ Frame 26F6 35 B
351 B 30ms
6ms Image
image/gif 2600:9000:21f3:dc00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com/
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:dc00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 04:29:27 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 12086
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: QNvijNEjVUXZIenGWNNADzcYCXvFM4yRvQKx_xOirOJ_QOJ1ZPBgnw==

GET
H2 200 omniture.fefa1e13f993d6f0dfbf.js Show response
34.202.146.220/static/gmaVue/js/ 107 KB
38 KB 106ms
105ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/gmaVue/js/omniture.fefa1e13f993d6f0dfbf.js
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/manifest.536fdcf12891db5ac3f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 559add1036ca95f1255c28af0ce2af54b1f16339f1c9621980d7755d2745df6c

Request headers

:path: /static/gmaVue/js/omniture.fefa1e13f993d6f0dfbf.js
pragma: no-cache
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=RL/aN0zsiduMllUtJvnpN+zGDaWm2BTW2fUPVT7iFYbRtKS84QE3e3Ntd92d4qEUBktR48wcD8mpZBjWDnHLcxfOx+aPmyZwAZAzVSQQEH2Jpd9h0v6dMj+xjNWh; AWSALBCORS=RL/aN0zsiduMllUtJvnpN+zGDaWm2BTW2fUPVT7iFYbRtKS84QE3e3Ntd92d4qEUBktR48wcD8mpZBjWDnHLcxfOx+aPmyZwAZAzVSQQEH2Jpd9h0v6dMj+xjNWh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-1aa4d"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=ie4FaoxsS8dw3MNDq5Aj377Qucgno6ajb7B033DQ6/lsyIiFa7xycuqBRNQPffSfVsVACvdzvjrF5gBoEV/VsYf3QO4q4+hKnK1pXIT6xuiAOIh8lbwT+KWjmWHn; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/ AWSALBCORS=ie4FaoxsS8dw3MNDq5Aj377Qucgno6ajb7B033DQ6/lsyIiFa7xycuqBRNQPffSfVsVACvdzvjrF5gBoEV/VsYf3QO4q4+hKnK1pXIT6xuiAOIh8lbwT+KWjmWHn; Expires=Tue, 20 Jul 2021 07:50:52 GMT; Path=/; SameSite=None; Secure
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 151ms
66ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 13 Jul 2021 07:50:52 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Tue, 20 Jul 2021 07:50:52 GMT

GET
H2 200 wellness Show response
abcnews.go.com/gma/api/search/subsections/ 16 KB
3 KB 244ms
159ms XHR
application/json 13.224.99.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnews.go.com/gma/api/search/subsections/wellness?limit=10
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/static/gmaVue/js/vendors~app~standaloneVideoPlayer.5f6d28f6012cd9baa7f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-9.zrh50.r.cloudfront.net
Software: /
Resource Hash: 3c9c7780f89f0a064ec99c08d603308c4a4da5ae87f506053a1dc2b73cceacfc

Request headers

Accept: application/json, text/plain, */*
Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://34.202.146.220
cache-control: max-age=120
accept-ranges: bytes
x-amz-cf-id: rNrgetv236ZaX3YvR7tmVH4RGjRYIbJJPU-4k_CbnvcGFKLrggpqLg==
via: 1.1 varnish-v4, 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010108458/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010108458/?random=1626162652606&cv=9&fst=1626162652606&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F34.202.146.220%2Fwellness&tiba=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bba70d77bd6607a7dcb871c1c633f86ad14db76150329b7737e409077aeff14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1010108458/ 42 B
109 B 19ms
18ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1010108458/?random=1626162652606&cv=9&fst=1626159600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F34.202.146.220%2Fwellness&tiba=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&async=1&fmt=3&is_vtc=1&random=2470796630&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1010108458/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1010108458/?random=1626162652606&cv=9&fst=1626159600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F34.202.146.220%2Fwellness&tiba=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&async=1&fmt=3&is_vtc=1&random=2470796630&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 enterprise.js Show response
www.google.com/recaptcha/ Frame 0E69 974 B
642 B 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&hl=en

Requested by

Host: cdn.registerdisney.go.com
URL: https://cdn.registerdisney.go.com/v2/DATG-GOODMORNINGAMERICAWEB.WEB-PROD/en-US?include=config,l10n,js,html&?clientID=DATG-GOODMORNINGAMERICAWEB.WEBscheme=https&postMessageOrigin=https%3A%2F%2F34.202.146.220%2Fwellness&cookieDomain=34.202.146.220&config=PROD&logLevel=INFO&topHost=34.202.146.220&cssOverride=https%3A%2F%2F34.202.146.220%2Fstatic%2FgmaVue%2Fcss%2FoneId.css&debug=true&responderPage=https%3A%2F%2F34.202.146.220%2Fresponder&buildId=17a34f71434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80e01638703c31f94debc8a866e262de07515826626e09deed963b50630b484e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.registerdisney.go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 621
x-xss-protection: 1; mode=block
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
DATA 200
OK truncated
/ 200 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd441efc6f1c1b6d9bf99ba2a163c8a6e6c178989c8d792da47fed8207178c13

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=34.202.146.220

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=34.202.146.220

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
259 B 78ms
74ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=209379171717355&correlator=2369775612687568&output=ldjh&impl=fifs&eid=31061180%2C31061218&vrg=2021070701&ptt=17&sc=1&sfv=1-0-38&ecs=20210713&iu_parts=21783347309%2Cgma%2Cgma.com%2Cweb%2Cwellness&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&prev_scp=pgn%3Dwellness%26pos%3Dbanner-wellness-1&eri=1&cust_params=bundleId%3Dcom.abcnews%26devOs%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36%26isDnt%3Dfalse%26lang%3Den%26sp%3Dgoodmorningamerica%26devType%3Ddesktop%26tag%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1626162652&dt=1626162652933&dlt=1626162651620&idt=900&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3988053876&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2F34.202.146.220%2Fwellness&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1404x0&msz=728x0&ga_vid=1178753434.1626162653&ga_sid=1626162653&ga_hid=134116104&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3e0675549099e7d26854bd19f627a4bcee3be9cf5d3cd61e4c5ffc1a784698a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://34.202.146.220
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1E4 6 KB
3 KB 48ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 13 Jul 2021 07:50:52 GMT
expires: Wed, 13 Jul 2022 07:50:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 BDD_Main_16x9_v02_ag_1624902703223_hpMain_v16x9_1x1_608.jpg
s.abcnews.com/images/GMA/ 63 KB
64 KB 55ms
55ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/GMA/BDD_Main_16x9_v02_ag_1624902703223_hpMain_v16x9_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5d9ac7543701ed92ed186acb0ac30cf8af4129e88d40275da46a180fedf7bf

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: X5PyXjPlz8uUNzRC4XEZ3aWYbKId7ay9
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 17:54:13 GMT
server: AmazonS3
age: 1442
etag: "cb2225ae7d93410998e191ede327590d"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 64858
x-amz-cf-id: Y104EabrVTn1cfvmxU8gILHkwNsFHW4mKWyVQf5ereF7wEsymPtRoA==

GET
H2 200 pinterest-01-gty-iwb-210705_1625495770767_hpMain_1x1_608.jpg
s.abcnews.com/images/GMA/ 30 KB
31 KB 81ms
80ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/GMA/pinterest-01-gty-iwb-210705_1625495770767_hpMain_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52f5056ea238387c2605ab0d02f7069c6aa05f11cf4ba9508cf30a5d224df11a

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EVDwSpf5aHppy8EAvM3j9aLVLDEbuUTI
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
etag: "d5e689851fda3331cc601a2385abeb55"
last-modified: Mon, 05 Jul 2021 14:40:54 GMT
server: AmazonS3
age: 1442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 31005
x-amz-cf-id: BQHHn0Zi_UOdGKpYrdNQ7_cFGJTcje9Y_EAW7CGWRh1-13hog5ZU1A==

GET
H2 200 baby-boom-main-ht-jt-2210708_1625778213771_hpMain_1x1_608.jpg
s.abcnews.com/images/GMA/ 56 KB
57 KB 95ms
94ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/GMA/baby-boom-main-ht-jt-2210708_1625778213771_hpMain_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 803a24cfe218a46a580c775b9fe99c3115f46fa49fc99c476b6ba21337f1c0dd

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HQ4p0QhHsw5Ut44w8hLraQs5gWDCkMDH
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
etag: "bc3dae60226869722585a527f1f6b3ea"
last-modified: Thu, 08 Jul 2021 21:21:31 GMT
server: AmazonS3
age: 1442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 57514
x-amz-cf-id: cp-KTmtCpvfSbRAeRt-NEM_0_m3P7SlXTcdPj2NKNeGP0GC6Y9cKLA==

GET
H2 200 reese-hamsmith-01-ht-jef-210711_1626029732404_hpMain_1x1_608.jpg
s.abcnews.com/images/GMA/ 53 KB
53 KB 102ms
101ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/GMA/reese-hamsmith-01-ht-jef-210711_1626029732404_hpMain_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11fa527ce101745cfaa7dad0ebe27baf4fca2102b0b6afffdb931df18b1099b1

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Fi_xV3Mq0K3GyfsoJnGGR_pMaYukgCvR
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
etag: "bf8c6ab6d5aa8e0c6c84d73727801602"
last-modified: Sun, 11 Jul 2021 19:05:15 GMT
server: AmazonS3
age: 1442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 53985
x-amz-cf-id: uHafWXeNMX4p06Vi0BBykxnwUBQOjkvJkJgPysLrfsxrOJACcnGZPQ==

GET
H2 200 Postpartum-gty-hb-180528_hpMain_1x1_608.jpg
s.abcnews.com/images/Health/ 28 KB
29 KB 110ms
110ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/Health/Postpartum-gty-hb-180528_hpMain_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0283fca5dd9b91c5782ecf86e03c4f2b353e56793d82fca18b2e5c0521734dfc

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
last-modified: Mon, 28 May 2018 19:51:42 GMT
server: AmazonS3
age: 1442
etag: "ec71e359622ec804e1ab8a8b8e6fbc7b"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 29179
x-amz-cf-id: 0_km-Ue_7vIw5jJtg7SknDiPwmule3NXepF3N0jVuup1vA5ta5e4JA==

GET
H2 200 naomi-osaka-ss-jt-210521_1622467239101_hpMain_1x1_608.jpg
s.abcnews.com/images/Business/ 47 KB
48 KB 114ms
114ms Image
image/jpeg 13.224.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/Business/naomi-osaka-ss-jt-210521_1622467239101_hpMain_1x1_608.jpg
Requested by: Host: 34.202.146.220
URL: https://34.202.146.220/wellness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-79.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c3d402e7f697eb7975fe943d63fe8273e3b419933ee2b674e2cc1f68791c7ce

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Jd0cixQMr4KXe3Ht3wS0VCSpmBTSWmjY
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
last-modified: Mon, 31 May 2021 13:23:37 GMT
server: AmazonS3
age: 1442
etag: "d228900fa063a5d6a42b9cced022d058"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 13 Jul 2021 07:26:51 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 48383
x-amz-cf-id: 8j9weRmkeT4Vvt3S1-4Qjarr_riYbFQzVL59S1lqW9A8QkQTFfMSMA==

GET
H2

200

s02179196081247
sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/
Redirect Chain

https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB463A-2C0363020372B704&ce=UTF-8&ns=gma&pageName=http...
https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&pccr=true&vidn=3076A2EEF25DD5DF-60000A20750FB6E4&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB46...

43 B
266 B

44ms
43ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&pccr=true&vidn=3076A2EEF25DD5DF-60000A20750FB6E4&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB463A-2C0363020372B704&ce=UTF-8&ns=gma&pageName=https%3A%2F%2F34.202.146.220%2Fwellness&g=https%3A%2F%2F34.202.146.220%2Fwellness&events=event2&c1=GMA&c2=Guest%20%7C%20&v2=Guest%20%7C%20&c3=WDGNEWWDGNEWGMAWEB&v3=WDGNEWWDGNEWGMAWEB&c5=Index&c6=ABC%20News%20%2F%20GMA&c12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&v12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c15=https%3A%2F%2F34.202.146.220%2Fwellness&v15=https%3A%2F%2F34.202.146.220%2Fwellness&c16=https%3A%2F%2F34.202.146.220%2Fwellness&v16=https%3A%2F%2F34.202.146.220%2Fwellness&c18=New&c20=DESKTOP&c23=GMA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:53 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 14 Jul 2021 07:50:53 GMT
server: jag
xserver: anedge-58944c9887-f7mtz
etag: 3492157708285542400-4619626323575845338
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 12 Jul 2021 07:50:53 GMT

Redirect headers

date: Tue, 13 Jul 2021 07:50:53 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://sw88.go.com/b/ss/wdgnewwdgnewgmaweb/1/JS-2.22.0/s02179196081247?AQB=1&pccr=true&vidn=3076A2EEF25DD5DF-60000A20750FB6E4&ndh=1&pf=1&t=13%2F6%2F2021%209%3A50%3A52%202%20-120&fid=7DD89A5722DB463A-2C0363020372B704&ce=UTF-8&ns=gma&pageName=https%3A%2F%2F34.202.146.220%2Fwellness&g=https%3A%2F%2F34.202.146.220%2Fwellness&events=event2&c1=GMA&c2=Guest%20%7C%20&v2=Guest%20%7C%20&c3=WDGNEWWDGNEWGMAWEB&v3=WDGNEWWDGNEWGMAWEB&c5=Index&c6=ABC%20News%20%2F%20GMA&c12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&v12=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&c15=https%3A%2F%2F34.202.146.220%2Fwellness&v15=https%3A%2F%2F34.202.146.220%2Fwellness&c16=https%3A%2F%2F34.202.146.220%2Fwellness&v16=https%3A%2F%2F34.202.146.220%2Fwellness&c18=New&c20=DESKTOP&c23=GMA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified: Wed, 14 Jul 2021 07:50:53 GMT
server: jag
xserver: anedge-58944c9887-ks9lw
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 12 Jul 2021 07:50:53 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 0E69 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.registerdisney.go.com
Referer: https://cdn.registerdisney.go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 06:42:53 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628013377545201&ev=Microdata&dl=https%3A%2F%2F34.202.146.220%2Fwellness&rl=&if=false&ts=1626162652997&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA%22%2C%22meta%3Akeywords%22%3A%22GMA%22%2C%22meta%3Adescription%22%3A%22GMA%20is%20your%20source%20for%20healthy%20living%2C%20diet%2C%20inspiring%20fitness%20transformations%20and%20exercise%20tips%20to%20support%20your%20wellness%20journey.%20Because%20You%20Rock!%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.goodmorningamerica.com%2Fwellness%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Good%20Morning%20America%22%2C%22og%3Atitle%22%3A%22Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA%22%2C%22og%3Adescription%22%3A%22GMA%20is%20your%20source%20for%20healthy%20living%2C%20diet%2C%20inspiring%20fitness%20transformations%20and%20exercise%20tips%20to%20support%20your%20wellness%20journey.%20Because%20You%20Rock!%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs.abcnews.com%2Fimages%2FGMA%2Fdefault_image_1600_16x9_992.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Good%20Morning%20America%22%2C%22url%22%3A%22https%3A%2F%2Fwww.goodmorningamerica.com%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FGoodMorningAmerica%2F%22%2C%22https%3A%2F%2Ftwitter.com%2FGMA%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fgoodmorningamerica%2F%22%2C%22https%3A%2F%2Fwww.pinterest.com%2Fgma%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCH1oRy1dINbMVp3UFWrKP0w%22%5D%2C%22logo%22%3A%22https%3A%2F%2Fs.abcnews.com%2Fimages%2FGMA%2Fdefault_image_1600_16x9_608.jpg%22%7D%5D%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=2&o=30&it=1626162652282&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 13 Jul 2021 07:50:52 GMT

GET
H/1.1 200
OK amp.premier.default.json Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/ 21 KB
6 KB 116ms
40ms XHR
application/json 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.default.json?stonewood=0&sec=1&site=gma
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f58de7b184865867f806060ce778b56d96db5c9886eba86bfad2068b43ff162f

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "b332c1e1dd3ec4f50e0daf08d2bea30e:1614892768.956299"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=53774
Connection: keep-alive
Content-Length: 5343

GET
H2

200

unid.denied.js Show response
cdn.unid.go.com/denied/
Redirect Chain

https://cdn.unid.go.com/js/unid.min.js
https://cdn.unid.go.com/denied/unid.denied.js

570 B
976 B

120ms
120ms

Script
application/javascript

2a02:26f0:6c00:293::2c0c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.unid.go.com/denied/unid.denied.js

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:293::2c0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c3be1db106c82efea9262d2af447315d414cf058d98a6b81388eb05908f28d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .unid.com: .go.com:; script-src 'unsafe-inline'
X-Xss-Protection	1

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.unid.com:* *.go.com:*; script-src 'unsafe-inline'
content-security-policy-report-only: default-src 'self' *.unid.com:* *.go.com:*; script-src 'unsafe-inline'; report-uri https://unid.go.com/csp
last-modified: Tue, 16 Feb 2021 20:36:17 GMT
etag: W/"23a-177ac8ed1e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, max-age=86400
date: Tue, 13 Jul 2021 07:50:53 GMT
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 570
x-xss-protection: 1

Redirect headers

location: https://cdn.unid.go.com/denied/unid.denied.js
date: Tue, 13 Jul 2021 07:50:53 GMT
server: AkamaiGHost
content-length: 0

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame F515 38 KB
19 KB 31ms
30ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&co=aHR0cHM6Ly9jZG4ucmVnaXN0ZXJkaXNuZXkuZ28uY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=s6s9yrj67u6x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

04f1e444c798d57c61a460e2e42d2b7a916d82e731aa309a7fbb87e8c2d452c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cpo3L7g8Vaq7gPXufr+qGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&co=aHR0cHM6Ly9jZG4ucmVnaXN0ZXJkaXNuZXkuZ28uY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=s6s9yrj67u6x
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.registerdisney.go.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.registerdisney.go.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Jul 2021 07:50:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-Cpo3L7g8Vaq7gPXufr+qGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19791
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame F515 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&co=aHR0cHM6Ly9jZG4ucmVnaXN0ZXJkaXNuZXkuZ28uY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=s6s9yrj67u6x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 07:26:11 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame F515 341 KB
133 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 05:47:38 GMT

GET
H/1.1 200
OK amp.premier.min.css
abcnewsplayer-a.akamaihd.net/player/test/2.106.5/amp.premier/ 54 KB
9 KB 43ms
41ms Stylesheet
text/css 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/test/2.106.5/amp.premier/amp.premier.min.css
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fb3024753f8e14a78de1d300894661f4b1256b00493dadbcb3abb96137dff4e5

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "e4de8c7d1258f962365fe42abbf31c36:1624409201.006618"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=530
Connection: keep-alive
Content-Length: 8363

GET
H/1.1 200
OK amp.gif Show response
amp.akamaized.net/ 0
319 B 35ms
8ms XHR
image/gif 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/amp.gif?os=Windows&osver=10&browser=Chrome&browserver=89.0&prod=%20Premier%20-%20ABC%20News&prodver=2.106.5&platform=web&url=https%3A%2F%2F34.202.146.220%2Fwellness&event=create
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Jul 2021 07:50:53 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK skin-customization-gma.css
abcnewsplayer-a.akamaihd.net/player/test/2.106.5/amp.premier/ 10 KB
3 KB 83ms
39ms Stylesheet
text/css 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/test/2.106.5/amp.premier/skin-customization-gma.css
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 98554fc698979fdd5f48678558536655f6d2e3aaad8c190d0b4da238c3ad281f

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "3c388ed74e83c7e6f3019f535e807c2f:1624409194.655755"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=54
Connection: keep-alive
Content-Length: 2371

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 339 KB
117 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637ddea341484e7a10cbf236109d751e940954fe905e1da470698fc9a771f421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:53 GMT

GET
H/1.1 200
OK moat_sdk.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/moat/libs/ 1 KB
1 KB 97ms
36ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/moat/libs/moat_sdk.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 396e84575706e8c0a059418374b87efba1e73f55001ed026a3a2babed00f2d3b

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "8d35fcca34be1b92275d7313b766a784:1614892954.945168"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=53844
Connection: keep-alive
Content-Length: 780

GET
H/1.1 200
OK Moat.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/moat/ 4 KB
2 KB 114ms
40ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/moat/Moat.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9dcfe263671b03e7975fdebe82329adae068dfe790008211786650fc28231468

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "0e29499d4e50f429c5fa99acc3e8eb62:1614892928.332379"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=53774
Connection: keep-alive
Content-Length: 1190

GET
H2 200 VisitorAPI.js Show response
34.202.146.220/static/assets/scripts/omniture/ 59 KB
20 KB 106ms
104ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/assets/scripts/omniture/VisitorAPI.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 57ecc41460fa1fd86d50e4179caf345f970bc203757b13758b338b3bd6d1b3d4

Request headers

:path: /static/assets/scripts/omniture/VisitorAPI.js
pragma: no-cache
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; AWSALB=ie4FaoxsS8dw3MNDq5Aj377Qucgno6ajb7B033DQ6/lsyIiFa7xycuqBRNQPffSfVsVACvdzvjrF5gBoEV/VsYf3QO4q4+hKnK1pXIT6xuiAOIh8lbwT+KWjmWHn; AWSALBCORS=ie4FaoxsS8dw3MNDq5Aj377Qucgno6ajb7B033DQ6/lsyIiFa7xycuqBRNQPffSfVsVACvdzvjrF5gBoEV/VsYf3QO4q4+hKnK1pXIT6xuiAOIh8lbwT+KWjmWHn; s_fid=7DD89A5722DB463A-2C0363020372B704; s_nr=1626162652970-New; s_cc=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-eacb"
content-type: application/javascript
cache-control: max-age=86400 public
set-cookie: AWSALB=bXcglZD1xKV/DdBPBqhcpGEgGgwdwQc6aaTKuZdB6VtsIdovQK2Bg9eFx/OzYqFe4WAVcOOPCwt3DaKNWF63SU/S5T1Pz/4/WEA9HaGRtZabltQj+GhUP3lL7Q9r; Expires=Tue, 20 Jul 2021 07:50:53 GMT; Path=/ AWSALBCORS=bXcglZD1xKV/DdBPBqhcpGEgGgwdwQc6aaTKuZdB6VtsIdovQK2Bg9eFx/OzYqFe4WAVcOOPCwt3DaKNWF63SU/S5T1Pz/4/WEA9HaGRtZabltQj+GhUP3lL7Q9r; Expires=Tue, 20 Jul 2021 07:50:53 GMT; Path=/; SameSite=None; Secure
expires: Wed, 14 Jul 2021 07:50:53 GMT

GET
H/1.1 200
OK streamsense.4.1412.05.min.js Show response
abcnewsplayer-a.akamaihd.net/player/test/2.106.5/resources/js/ 28 KB
9 KB 105ms
42ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/test/2.106.5/resources/js/streamsense.4.1412.05.min.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 765044d2d15f6bf3844ad08b8c721717294f89559b9b1ad4f062925ae5056cad

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "3209f761273241edcea6a702c5baa647:1624409324.296042"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=573
Connection: keep-alive
Content-Length: 8961

GET
H/1.1 200
OK hls.js Show response
abcnewsplayer-a.akamaihd.net/player/test/2.106.5/resources/js/ 601 KB
138 KB 125ms
59ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/test/2.106.5/resources/js/hls.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c6e10ba519d65a038df50cc68496da2dc48f9a91fb94e2158f07ceab0298f0a

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "74e581ca9dcaa235edae09495f688f14:1624409317.88138"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=573
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding

GET
H/1.1 200
OK react.min.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/libs/ 152 KB
47 KB 146ms
97ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/libs/react.min.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7d103d276cd86e871a42584fcdc905d0f2305b90bac6f6f49c0220eb9b40e0b4

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "036aab38787b909870da75b408214d99:1614892956.483931"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=63956
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding

GET
H/1.1 200
OK Chartbeatanalytics.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/chartbeatanalytics/ 6 KB
2 KB 47ms
39ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/chartbeatanalytics/Chartbeatanalytics.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76018a8b7e80b5bc8d82776e718782edd2f8598b7e4d01b94435a76265b745a9

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "aa3484e777ff077ddbfa29436c539ce8:1614892929.135142"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=75039
Connection: keep-alive
Content-Length: 1470

GET
H3-29 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame F515 102 B
132 B 15ms
14ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Host: 34.202.146.220
URL: https://34.202.146.220/wellness

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcizusZAAAAACBo-w1Uk2QWn8sPnvz-FX-1mObe&co=aHR0cHM6Ly9jZG4ucmVnaXN0ZXJkaXNuZXkuZ28uY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=s6s9yrj67u6x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 13 Jul 2021 07:50:53 GMT

GET
H/1.1 200
OK Ima.min.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/ima/ 35 KB
8 KB 40ms
40ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/ima/Ima.min.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e409554d417d3fc1c28720ec9b095262c60634bf90be6b7418f09aead7055711

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "7a6a62457723d8c0def6b8a7d6544076:1614892929.567901"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=64170
Connection: keep-alive
Content-Length: 7771

GET
H2 200 AppMeasurement.prod.js Show response
34.202.146.220/static/assets/scripts/omniture/ 47 KB
18 KB 104ms
104ms Script
application/javascript 34.202.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://34.202.146.220/static/assets/scripts/omniture/AppMeasurement.prod.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-146-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 3dd5dd37deb34bcfe40be7adb83177f8a391609c92b38a9eaeca8e25e1923043

Request headers

:path: /static/assets/scripts/omniture/AppMeasurement.prod.js
pragma: no-cache
cookie: _cb_ls=1; _gcl_au=1.1.1706067711.1626162652; s_fid=7DD89A5722DB463A-2C0363020372B704; s_nr=1626162652970-New; s_cc=true; AWSALB=bXcglZD1xKV/DdBPBqhcpGEgGgwdwQc6aaTKuZdB6VtsIdovQK2Bg9eFx/OzYqFe4WAVcOOPCwt3DaKNWF63SU/S5T1Pz/4/WEA9HaGRtZabltQj+GhUP3lL7Q9r; AWSALBCORS=bXcglZD1xKV/DdBPBqhcpGEgGgwdwQc6aaTKuZdB6VtsIdovQK2Bg9eFx/OzYqFe4WAVcOOPCwt3DaKNWF63SU/S5T1Pz/4/WEA9HaGRtZabltQj+GhUP3lL7Q9r
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 34.202.146.220
referer: https://34.202.146.220/wellness
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://34.202.146.220/wellness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 10:14:28 GMT
server: nginx/1.12.1
etag: W/"60d45b04-bbe7"
content-type: application/javascript
cache-control: max-age=86400 public
set-cookie: AWSALB=hJdWo+7IdeCQYyzg7Lk61KRsadY71yt29k87VAl0eKXe3np3IIwVb8SDS6muyix7PlaDUDTQN45FxGZP2VF2PzFbLqnDWlbC5s4ZtezBW/FqhrhZJzLZK8LIyIlh; Expires=Tue, 20 Jul 2021 07:50:53 GMT; Path=/ AWSALBCORS=hJdWo+7IdeCQYyzg7Lk61KRsadY71yt29k87VAl0eKXe3np3IIwVb8SDS6muyix7PlaDUDTQN45FxGZP2VF2PzFbLqnDWlbC5s4ZtezBW/FqhrhZJzLZK8LIyIlh; Expires=Tue, 20 Jul 2021 07:50:53 GMT; Path=/; SameSite=None; Secure
expires: Wed, 14 Jul 2021 07:50:53 GMT

GET
H/1.1 200
OK React.css
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/ 25 KB
5 KB 40ms
40ms Stylesheet
text/css 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/React.css
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a474e6da7f9ad49560097b889ccb8b4e591c4631935341e934c8a433d5a0a55d

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "1d6dfc2388c83a9cdde23fcb3e1897a7:1614892935.726507"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=53859
Connection: keep-alive
Content-Length: 5036

GET
H/1.1 200
OK React.js Show response
abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/ 136 KB
21 KB 63ms
62ms Script
application/x-javascript 2.16.186.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/akamai/amp/react/React.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 67b97fc54dca892dccc3085af9b1de1ee423ca82552e9dae298002f6a910a267

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:50:53 GMT
Content-Encoding: gzip
Server: AkamaiNetStorage
ETag: "03780e83a5f49b85d98bc66dfb886b76:1614892933.644239"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=53806
Connection: keep-alive
Content-Length: 20980

GET
H/1.1 200
OK amp.gif Show response
amp.akamaized.net/ 0
319 B 6ms
6ms XHR
image/gif 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/amp.gif?os=Windows&osver=10&browser=Chrome&browserver=89.0&prod=%20Premier%20-%20ABC%20News&prodver=2.106.5&platform=web&url=https%3A%2F%2F34.202.146.220%2Fwellness&event=ready&data=340
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Jul 2021 07:50:53 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK 25193 Show response
stags.bluekai.com/site/ Frame 5D9D 71 B
338 B 231ms
172ms Document
text/html 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/25193?ret=html&phint=prop4%3D&phint=prop5%3DIndex&phint=prop15%3DREDACTED&phint=eVar2%3Dfalse&phint=eVar20%3D&phint=channel%3D&phint=__bk_t%3DHealthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&phint=__bk_k%3DGMA&phint=__bk_l%3DREDACTED&phint=__bk_v%3D3.1.10&phint=__bk_rd%3D4&limit=10&r=66259040
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://34.202.146.220/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 2a3d
Date: Tue, 13 Jul 2021 07:50:53 GMT
Connection: keep-alive
X-N: S

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723605ec6273ddecd90c26f327ad78a5a01971e2aac929db8a6ea27ad3f59b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8393
x-xss-protection: 0

GET GetDE
tredir.go.com/capmon/ 0
0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 13ms
13ms Script
application/x-javascript 2600:9000:2190:9e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: abcnewsplayer-a.akamaihd.net
URL: https://abcnewsplayer-a.akamaihd.net/player/2.106.5/amp.premier/amp.premier.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:17:15 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:14:48 GMT
server: nginx
age: 5618
etag: W/"60e794f8-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 3c3BAL278C4kIFFCZv_H2Y3Tk1qO3BrQbwmF_BBX8jlFfDPsI_c49g==
expires: Tue, 13 Jul 2021 08:17:15 GMT

GET
H3-29 200 bridge3.470.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5740 576 KB
189 KB 20ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22c031e19cdefab2a4bf106a8e10ece1649009a2ba5c59696d31548e80b26a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193308
date: Sat, 10 Jul 2021 02:37:16 GMT
expires: Sun, 10 Jul 2022 02:37:16 GMT
last-modified: Sat, 10 Jul 2021 02:30:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 278017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8B4B 36 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Jul 2021 08:47:58 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 307ms
102ms Image
image/gif 54.158.243.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=goodmorningamerica.com&p=%2Fwellness&u=48q_ByoTxyCAfx8U&d=34.202.146.220&g=12240&g0=wellness&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4413&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2154&t=DWLq2KB9Hu8ZDFgel5BKwhZPBau4Vi&V=128&i=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&tz=-120&sn=1&sv=C5DX6dDhDuKTBF-QEgDr3ZgdjNoSU&sd=1&im=067b2fd2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.243.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-243-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 07:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 13 Jul 2021 07:50:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 96B5 12 KB
5 KB 16ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 13 Jul 2021 07:43:31 GMT
expires: Wed, 13 Jul 2022 07:43:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D44 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7766f880873158c3896387d01e4f336ac996aa4b8fb8709286ad1be55fbe9dbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DyfQsJEaDAMJLYB8+hzleg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://34.202.146.220/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://34.202.146.220/

Response headers

expires: Tue, 13 Jul 2021 07:50:53 GMT
date: Tue, 13 Jul 2021 07:50:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DyfQsJEaDAMJLYB8+hzleg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 96B5 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:01:58 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070701&jk=209379171717355&bg=!ZmWlZSHNAAZjFomlYxY7ACkAdvg8Wqn8hK_cQbo4KMs8yK2edpazSJKmDHag0mF20-CGAhWNfzzr1wIAAABzUgAAAA1oAQeZAn6sjvao0n2CyKp9vDl3_qKBwvhP4uPRG-7v2_Qn5jTjgdD4XAiA1F5hpAJlrfc3mircOAzaYvyBDFp4vDRZRBtFK8DM7BqTwrNnu12INMNkYSkB06VmOd6-gpZgOUkZdZ2YCEbMqm-apZ2FsOJnAv7YJAZdjU10_BQiA3Kg7rhAFlxqj0wcCQLdgV8Qjd_LVXvlSJTdfoUkfmcthOo1JG8wTcFTG0oYmT7jPNfFoxutXa6axvuN2syO0FucaKxyJLAVyBVJzQ1djPn8pBVLzigVDj5b5SdBZ_OqDShIgZJsPkeqdkOArgWw3rNFn2MoTsfKaomLuLVR2EeWTAk8tVx8emA1-hknjApbkVQ5b3x-X5e9BbQHopBqv65GFqtLvU_M5ee_vg9DkQU-mZrb4kJJfIVv1z2lPg7Jo9nbff8emGRfdrGoDzKDELT5xQYHuKoYZI6pH4NzTjyL9iqGiWcAbpXL87j_T10D7d5HO_anSjdEpEOSM5HfmhAFlLUmIe3tS3w_aZplC6VOlSzzyTss4nhoCkXwJUGuMDHJwdp2x5JN_xDq3sAgmBM9_6vTti7PKxvrKZWsdRLIdiBSsHuWuFG_DJuZfSjWi3eaByFBpCRhC0VlDEOrG_ETWdfV46pWmFkCmUWGBGN6dA_evd28PyNEimAGaJkrcV418adKVcdlR3S9R9Uke3bsMQM0g0nm9xqf2eGLKuRWUKsY_BSDopYQj6vgHBF5iXxpHypppjGa72vcviptQhJJVU6wAxwy9sVdMDnIpHNYYvRXJnlLErgQXfMq3ytSev8eQQ-DeLEi85D43QgkaGlNANTe0otkNQ7hnWJaLHhyebrEJQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 52ms
51ms Image
image/gif 54.72.150.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-300437&ch=us-300437_c12_Wellness_P&asn=Wellness&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=ka4w78h0iorfodefuf99lcadeez8t1626162652&prv=1&c6=vc,c12&ca=NA&c13=asid,PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16261626524229944&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=Wellness&c3=st,c&c64=starttm,1626162653&adid=Wellness&c58=isLive,false&c59=sesid,&c61=createtm,1626162653&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2F34.202.146.220%2Fwellness&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1626162653&rnd=669714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.150.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-150-57.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:54 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 gn
global.imrworldwide.com/cgi-bin/ 35 B
213 B 153ms
50ms Image
image/gif 54.171.251.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.imrworldwide.com/cgi-bin/gn?prd=metadata&c9=devid,&c13=asid,PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3&sessionId=ka4w78h0iorfodefuf99lcadeez8t1626162652&c30=bldv,6.0.0.602&pgUrl=https%3A%2F%2F34.202.146.220%2Fwellness&pgTitle=Healthy%20Living%2C%20Exercise%20Tips%2C%20Fitness%20Trends%20%7C%20GMA&uoo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.251.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-251-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://34.202.146.220/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 07:50:54 GMT
max-age: 0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 35
expires: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 26F6
Redirect Chain

https://loadus.exelator.com/getid?p=1480&g=1&j=0&asid=PD6675FA3-CCCD-496D-AC9A-FC7EAAC714E3
https://load77.exelator.com/pixel.gif

43 B
335 B

20ms
6ms

Image
image/gif

2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rywQrCzvRzEOAA==
x-accel-expires: @1626269338
date: Tue, 13 Jul 2021 07:50:57 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: C4ZxJdjBIsE=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 930119
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Tue, 13 Jul 2021 07:50:57 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 403 insync
thrtle.com/ Frame 26F6 0
0 303ms
101ms Image
text/html 3.226.4.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10071&vxii_pdid=0c1c3810-e3af-11eb-9826-edb37397446e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.4.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-4-134.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 403 insync
thrtle.com/ Frame 26F6 0
0 101ms
101ms Image
text/html 3.226.4.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10071&vxii_pdid=0c1c3810-e3af-11eb-9826-edb37397446e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.4.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-4-134.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Regular/TheinhardtRegular-Regular.woff2

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Regular/TheinhardtRegular-Regular.woff

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Bold/TheinhardtBold-Regular.woff2

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Bold/TheinhardtBold-Regular.woff

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Light/TheinhardtLight-Regular.woff2

Domain: www.goodmorningamerica.com
URL: https://www.goodmorningamerica.com/static/assets/fonts/Theinhardt_Light/TheinhardtLight-Regular.woff

Domain: tredir.go.com
URL: https://tredir.go.com/capmon/GetDE

Domain: an.facebook.com
URL: https://an.facebook.com/v1/prebid.json

Domain: tredir.go.com
URL: https://tredir.go.com/capmon/GetDE

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-20 05:04:18	Name: IMRID Value: 0c1c3810-e3af-11eb-9826-edb37397446e
.imrworldwide.com/	1970-01-20 05:04:18	Name: SSCVER Value: v1
34.202.146.220/	1970-01-19 19:42:44	Name: _cb_svref Value: null
34.202.146.220/	1970-01-20 05:11:30	Name: _chartbeat2 Value: .1626162653490.1626162653490.1.C5DX6dDhDuKTBF-QEgDr3ZgdjNoSU.1
34.202.146.220/	1970-01-19 19:52:47	Name: AWSALB Value: hJdWo+7IdeCQYyzg7Lk61KRsadY71yt29k87VAl0eKXe3np3IIwVb8SDS6muyix7PlaDUDTQN45FxGZP2VF2PzFbLqnDWlbC5s4ZtezBW/FqhrhZJzLZK8LIyIlh
34.202.146.220/	1970-01-20 05:11:30	Name: _cb_ls Value: 1
34.202.146.220/	1969-12-31 23:59:59	Name: s_cc Value: true
34.202.146.220/	1970-01-19 19:52:47	Name: AWSALBCORS Value: hJdWo+7IdeCQYyzg7Lk61KRsadY71yt29k87VAl0eKXe3np3IIwVb8SDS6muyix7PlaDUDTQN45FxGZP2VF2PzFbLqnDWlbC5s4ZtezBW/FqhrhZJzLZK8LIyIlh
34.202.146.220/	1970-01-20 13:13:54	Name: s_fid Value: 7DD89A5722DB463A-2C0363020372B704
34.202.146.220/	1970-01-19 20:25:54	Name: s_nr Value: 1626162652970-New
34.202.146.220/	1970-01-20 05:11:30	Name: _cb Value: 48q_ByoTxyCAfx8U
34.202.146.220/	1970-01-19 21:52:18	Name: _gcl_au Value: 1.1.1706067711.1626162652

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js(Line 1) Message: Error fetching item from storage
console-api	log	URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js(Line 1) Message: Chartbeat not ready...
console-api	log	URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js(Line 1) Message: player.react is defined [object Object]
console-api	log	URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js(Line 1) Message: controlElems -> [object HTMLDivElement]
console-api	log	URL: https://34.202.146.220/static/gmaVue/js/app.a5e717a2916304ebef81.js(Line 1) Message: vol_components Exist -> [object NodeList]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65c8accaa7fd35e07ae7723df2939a13.safeframe.googlesyndication.com
abcnews.go.com
abcnewsplayer-a.akamaihd.net
adservice.google.com
adservice.google.de
amp.akamaized.net
an.facebook.com
cdn-gl.imrworldwide.com
cdn.registerdisney.go.com
cdn.unid.go.com
connect.facebook.net
global.imrworldwide.com
googleads.g.doubleclick.net
imasdk.googleapis.com
ka4w78h0iorfodefuf99lcadeez8t1626162652.nuid.imrworldwide.com
load77.exelator.com
loadus.exelator.com
mab.chartbeat.com
pagead2.googlesyndication.com
ping.chartbeat.net
s.abcnews.com
s0.2mdn.net
sb.scorecardresearch.com
secure-dcr.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.chartbeat.com
sw88.go.com
tags.bkrtx.com
thrtle.com
tpc.googlesyndication.com
tredir.go.com
www.facebook.com
www.goodmorningamerica.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
an.facebook.com
tredir.go.com
www.goodmorningamerica.com
104.111.228.137
13.224.99.14
13.224.99.79
13.224.99.9
13.36.218.177
142.250.186.34
18.198.69.109
2.16.186.72
216.58.212.162
23.45.99.241
2600:9000:2190:9e00:18:1fcd:34f:cdc1
2600:9000:2190:c00:2:42d9:3100:93a1
2600:9000:21f3:dc00:1d:667e:2a40:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:26f0:6c00:293::2c0c
2a02:26f0:6c00::210:ba2a
2a02:6ea0:c700::1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::714
3.226.4.134
34.202.146.220
54.158.243.4
54.171.251.161
54.72.150.57
0283fca5dd9b91c5782ecf86e03c4f2b353e56793d82fca18b2e5c0521734dfc
04f1e444c798d57c61a460e2e42d2b7a916d82e731aa309a7fbb87e8c2d452c7
07594b76de34df28ee24e212b23b68ebcda41adae89672179c020191c4784a4a
0bd792bd6a8737a6a9d48e5dec0e9e965c38952f466bc93e6fdd5311466e2a1e
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a7e41f82de9046f0929cdfade98552d0d38bf0f290f4b5c94a7a5944661b25
11fa527ce101745cfaa7dad0ebe27baf4fca2102b0b6afffdb931df18b1099b1
1b1fb74a730d7d57f1b3728be92d2f87f3d4f6424292614352916875b1f4b18a
21abdc6b09e132530557ccb094f848a42034c37fca1ddd080ee62f2c106ffeeb
22c031e19cdefab2a4bf106a8e10ece1649009a2ba5c59696d31548e80b26a76
23d7246bd7c762d681724c43573e6ae21ac9d8373dc950573650cad1098739d0
2b85155f16582fa8784c33fe907acb35a2d5e3b4aece94e6be2b5eca5081f901
2c6e10ba519d65a038df50cc68496da2dc48f9a91fb94e2158f07ceab0298f0a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
337c049cdb13e83c45cb6a117c15232994586c7130f7547c73138346f50d03af
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
396e84575706e8c0a059418374b87efba1e73f55001ed026a3a2babed00f2d3b
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3c3be1db106c82efea9262d2af447315d414cf058d98a6b81388eb05908f28d9
3c9c7780f89f0a064ec99c08d603308c4a4da5ae87f506053a1dc2b73cceacfc
3dd5dd37deb34bcfe40be7adb83177f8a391609c92b38a9eaeca8e25e1923043
3e0675549099e7d26854bd19f627a4bcee3be9cf5d3cd61e4c5ffc1a784698a0
482b1070ed8fee6e694d3100edbe25a077de63e0c1a9b3caad88158ad1b6a7bb
4c3d402e7f697eb7975fe943d63fe8273e3b419933ee2b674e2cc1f68791c7ce
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52f5056ea238387c2605ab0d02f7069c6aa05f11cf4ba9508cf30a5d224df11a
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5529cef0c1adda6f0aee55d1abdce3b7062ae03dbfce613c2b82829fc1dbbbb3
559add1036ca95f1255c28af0ce2af54b1f16339f1c9621980d7755d2745df6c
57ecc41460fa1fd86d50e4179caf345f970bc203757b13758b338b3bd6d1b3d4
598781e4a053b14d9afaa888584a046bf907d17d194e2562333ece606f70ef85
5ba10a03fd15efa1a2e59b472c721091b8eb2f5101d66381bac7c87e2cc862df
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
637ddea341484e7a10cbf236109d751e940954fe905e1da470698fc9a771f421
67b97fc54dca892dccc3085af9b1de1ee423ca82552e9dae298002f6a910a267
6818ee7b403430075ab6bba5d55a66a7b831766d1a58c67dc2a2514ef97f71a5
6981cd7233abb47965d2f4676aa914a9ce425a48992aa7f40080e19f08b38edb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
702b04dc37284fd4e3884ca1e0a3b98674e048d32ad954d90486c26d334e76d2
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
723605ec6273ddecd90c26f327ad78a5a01971e2aac929db8a6ea27ad3f59b46
76018a8b7e80b5bc8d82776e718782edd2f8598b7e4d01b94435a76265b745a9
765044d2d15f6bf3844ad08b8c721717294f89559b9b1ad4f062925ae5056cad
7766f880873158c3896387d01e4f336ac996aa4b8fb8709286ad1be55fbe9dbc
780dfc714eef67c4041fd6ff8b617abbd7111d0cb84b7ee419c2c4f2bdd6282f
7d103d276cd86e871a42584fcdc905d0f2305b90bac6f6f49c0220eb9b40e0b4
7e25751afa236a0546e54720d5a1f39fb4e6ee383af2d0fb120e03421d67e389
803a24cfe218a46a580c775b9fe99c3115f46fa49fc99c476b6ba21337f1c0dd
80e01638703c31f94debc8a866e262de07515826626e09deed963b50630b484e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
9801373a6bbfc6a748fa392e749c70434962edd65913f068f302061cd8db9c84
98554fc698979fdd5f48678558536655f6d2e3aaad8c190d0b4da238c3ad281f
9bba70d77bd6607a7dcb871c1c633f86ad14db76150329b7737e409077aeff14
9dcfe263671b03e7975fdebe82329adae068dfe790008211786650fc28231468
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2461a68ef27e630942b976d6368fd7b60d50abad81285eacc4a383619674f02
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a474e6da7f9ad49560097b889ccb8b4e591c4631935341e934c8a433d5a0a55d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ae9bb25df5d933d9a027ca44ff2dcb84a3543c90f5989967f1fd887e6c0280
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b26cb850a6364a3149bb15761631a864776cc7f3b4b43ba0f7503467bb7160c5
b43321f3a7184b4dce8f1b8a85d62bf6f61324520f6e1582e0d023fce742bb4f
b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
cd441efc6f1c1b6d9bf99ba2a163c8a6e6c178989c8d792da47fed8207178c13
cd5d9ac7543701ed92ed186acb0ac30cf8af4129e88d40275da46a180fedf7bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c816ee5b3a8e27baa22fce7518abe51af4108d2b95d5ff4e99244ad6c8656c
d3ccb9b4e53fff0d7d4e8c4886e8bde12c05e34da883ba1b009e8f110d0894e5
e0aedaae70941a7d427a362d41e87cbfc760ea3cd8b129bc096b6e54b9f44b31
e17dfb533f166cb326da4032cb934cd694add5de7aa100f9aec6258051820105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409554d417d3fc1c28720ec9b095262c60634bf90be6b7418f09aead7055711
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
ece762b8ee18837f9e48b0d7ad709cedb475610c41ca0d8ed9d6a4f61a62af6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58de7b184865867f806060ce778b56d96db5c9886eba86bfad2068b43ff162f
fb3024753f8e14a78de1d300894661f4b1256b00493dadbcb3abb96137dff4e5
fdca261ee1cb374c70309800109c539fe5af6ca496eef062b5fd851abf8626d9

34.202.146.220 Open in urlscan Pro 34.202.146.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

73 %HTTPS

63 %IPv6

25 Domains

40 Subdomains

41 IPs

4 Countries

2867 kBTransfer

9119 kBSize

12 Cookies

16 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

34.202.146.220 Open in urlscan Pro
34.202.146.220 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

73 %
HTTPS

63 %
IPv6

25
Domains

40
Subdomains

41
IPs

4
Countries

2867 kB
Transfer

9119 kB
Size

12
Cookies

109 HTTP transactions
2 data transactions