www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html#.ya1xdqc-mdo.twitter
Effective URL:
https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Submission: On December 06 via api (December 6th 2021, 6:11:43 am UTC) from GB — Scanned from GB

Summary HTTP 349 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 80 IPs in 7 countries across 46 domains to perform 349 HTTP transactions. The main IP is 3.33.168.159, located in United States and belongs to AMAZON-02, US. The main domain is www.stripes.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 14th 2021. Valid for: a year.

This is the only time www.stripes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	3.33.168.159 3.33.168.159	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:231... 2600:9000:2315:6400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
8	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 15	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
7 14	202.212.180.67 202.212.180.67	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
11	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	54.161.145.16 54.161.145.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
5	2600:9000:215... 2600:9000:2156:600:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:8c00:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
7	143.204.98.7 143.204.98.7	16509 (AMAZON-02) (AMAZON-02)
8	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
9	3.132.182.4 3.132.182.4	16509 (AMAZON-02) (AMAZON-02)
7	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.45.110.243 23.45.110.243	16625 (AKAMAI-AS) (AKAMAI-AS)
31	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	35.153.224.87 35.153.224.87	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:2156:9800:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.45.61.27 52.45.61.27	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:9000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
6	35.158.176.54 35.158.176.54	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
10	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:858	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:fb:... 2a02:26f0:fb:199::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:2e00:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	52.31.239.78 52.31.239.78	16509 (AMAZON-02) (AMAZON-02)
1	158.101.26.148 158.101.26.148	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.21.142.98 2.21.142.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	52.88.197.51 52.88.197.51	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:d000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.229.193.232 3.229.193.232	14618 (AMAZON-AES) (AMAZON-AES)
1	3.217.20.60 3.217.20.60	14618 (AMAZON-AES) (AMAZON-AES)
1	52.38.158.138 52.38.158.138	16509 (AMAZON-02) (AMAZON-02)
25	2600:9000:215... 2600:9000:2156:6c00:1e:efeb:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.208.85.173 18.208.85.173	14618 (AMAZON-AES) (AMAZON-AES)
2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.96.122.219 34.96.122.219	15169 (GOOGLE) (GOOGLE)
349	80

36 3.33.168.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1c0ff5298814abde.awsglobalaccelerator.com

www.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:6400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 202.212.180.67 (Nagoya, Japan) 7 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

epub.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.145.16 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-145-16.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8c00:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

unwieldyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.132.182.4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-182-4.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.trinityaudio.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

cdn.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.110.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-243.deploy.static.akamaitechnologies.com

mc.us2.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.153.224.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-224-87.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9800:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.61.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-61-27.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.158.176.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:858 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:199::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:2e00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.31.239.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.26.148 (Phoenix, United States)

ASN31898 (ORACLE-BMC-31898, US)

o.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-98.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.88.197.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-197-51.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.229.193.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-193-232.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.20.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-20-60.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.38.158.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-158-138.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2156:6c00:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

content1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.100 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.85.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-85-173.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.122.219 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 219.122.96.34.bc.googleusercontent.com

gallery.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	stripes.com 7 redirects www.stripes.com epub.stripes.com	907 KB
42	googlesyndication.com tpc.googlesyndication.com e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com pagead2.googlesyndication.com	851 KB
41	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com content1.avantisvideo.com	2 MB
34	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	344 KB
22	doubleclick.net pubads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	222 KB
17	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	165 KB
15	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	726 KB
10	googletagservices.com www.googletagservices.com	252 KB
9	typekit.net use.typekit.net p.typekit.net	139 KB
8	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	106 KB
8	addthis.com s7.addthis.com m.addthis.com o.addthis.com api-public.addthis.com	218 KB
8	mailchimp.com downloads.mailchimp.com gallery.mailchimp.com	1 MB
7	stripe.com js.stripe.com q.stripe.com m.stripe.com	67 KB
7	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	739 KB
6	google.com adservice.google.com www.google.com	1 KB
6	google-analytics.com www.google-analytics.com	40 KB
5	postrelease.com jadserve.postrelease.com	3 KB
5	teads.tv cdn.teads.tv s8t.teads.tv t.teads.tv a.teads.tv	169 KB
5	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com	201 KB
5	googletagmanager.com www.googletagmanager.com	247 KB
4	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	4 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
3	2mdn.net s0.2mdn.net	70 KB
3	gstatic.com fonts.gstatic.com	143 KB
3	unwieldyhealth.com unwieldyhealth.com	31 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	24 KB
2	stripe.network m.stripe.network	18 KB
2	pinterest.com widgets.pinterest.com	611 B
2	reddit.com www.reddit.com	954 B
2	google.co.uk adservice.google.co.uk www.google.co.uk	1 KB
2	bugsnag.com sessions.bugsnag.com	140 B
2	chartbeat.net ping.chartbeat.net	401 B
1	adsrvr.org match.adsrvr.org	543 B
1	crwdcntrl.net id.crwdcntrl.net	338 B
1	rlcdn.com api.rlcdn.com	328 B
1	avplayer.com player.avplayer.com	71 KB
1	trinityaudio.ai delivery.trinityaudio.ai	8 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	pubmatic.com ads.pubmatic.com	53 KB
1	moatads.com z.moatads.com	1 KB
1	list-manage.com mc.us2.list-manage.com	3 KB
1	simpli.fi tag.simpli.fi	789 B
1	ntv.io s.ntv.io	114 KB
1	cloudflare.com cdnjs.cloudflare.com	19 KB
349	46

	Domain	Requested by
36	www.stripes.com	www.stripes.com
25	content1.avantisvideo.com	player.avplayer.com
23	tpc.googlesyndication.com	www.stripes.com securepubads.g.doubleclick.net e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
16	pagead2.googlesyndication.com	srcdoc ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
14	securepubads.g.doubleclick.net	www.googletagservices.com cd.connatix.com securepubads.g.doubleclick.net www.stripes.com e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
14	epub.stripes.com	7 redirects www.stripes.com
12	img.connatix.com	www.stripes.com
10	vid.connatix.com	cd.connatix.com
10	www.googletagservices.com	www.stripes.com securepubads.g.doubleclick.net e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com www.googletagservices.com
9	capi.connatix.com	www.stripes.com cd.connatix.com
8	use.typekit.net	www.stripes.com use.typekit.net
7	downloads.mailchimp.com	www.stripes.com downloads.mailchimp.com
6	images.revcontent.com	www.stripes.com
6	trends.revcontent.com	js.pelcro.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com js.pelcro.com
6	depart.trinitymedia.ai	vd.trinitymedia.ai js.pelcro.com
6	vd.trinitymedia.ai	trinitymedia.ai www.stripes.com
5	events1.avantisvideo.com	js.pelcro.com
5	www.google.com	securepubads.g.doubleclick.net www.stripes.com tpc.googlesyndication.com
5	jadserve.postrelease.com	s.ntv.io www.stripes.com
5	www.googletagmanager.com	www.stripes.com www.googletagmanager.com
4	track1.aniview.com	player.aniview.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	cdn.avantisvideo.com	www.stripes.com cdn.avantisvideo.com
4	assets.revcontent.com	www.stripes.com assets.revcontent.com
3	q.stripe.com	www.stripes.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	api-public.addthis.com	s7.addthis.com
3	s0.2mdn.net	imasdk.googleapis.com e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
3	e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	unwieldyhealth.com	www.stripes.com js.pelcro.com
3	s7.addthis.com	www.stripes.com s7.addthis.com
3	trinitymedia.ai	www.stripes.com vd.trinitymedia.ai
2	ib.adnxs.com	player.aniview.com
2	secure.adnxs.com	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	ad.doubleclick.net	www.googletagservices.com
2	api-location-prd.pelcro.com	js.pelcro.com
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	t.teads.tv	www.stripes.com
2	mug.criteo.com	www.stripes.com
2	gum.criteo.com	1 redirects
2	fonts.googleapis.com	vd.trinitymedia.ai
2	sessions.bugsnag.com	js.pelcro.com
2	ping.chartbeat.net	www.stripes.com
2	static.avantisvideo.com	cdn.avantisvideo.com
2	js.pelcro.com	www.stripes.com js.pelcro.com
2	platform.twitter.com	www.stripes.com platform.twitter.com
2	cds.connatix.com	www.stripes.com cd.connatix.com
2	static.chartbeat.com	www.stripes.com
1	gallery.mailchimp.com
1	sync.aniview.com	player.aniview.com
1	m.stripe.com	m.stripe.network
1	go1.aniview.com	player.aniview.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	player.aniview.com	cdn.avantisvideo.com
1	player.avplayer.com	cdn.avantisvideo.com
1	play.aniview.com	cdn.avantisvideo.com
1	cdn.revcontent.com	www.stripes.com
1	www.google.co.uk	www.stripes.com
1	a.teads.tv	s8t.teads.tv
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	o.addthis.com	www.stripes.com
1	s8t.teads.tv	cdn.teads.tv
1	www.pelcro.com	js.pelcro.com
1	delivery.trinityaudio.ai	vd.trinitymedia.ai
1	static.adsafeprotected.com	www.stripes.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ads.pubmatic.com	assets.revcontent.com
1	z.moatads.com	s7.addthis.com
1	pubads.g.doubleclick.net	www.stripes.com
1	mc.us2.list-manage.com	downloads.mailchimp.com
1	cdn.teads.tv	www.stripes.com
1	mab.chartbeat.com	static.chartbeat.com
1	p.typekit.net	use.typekit.net
1	tag.simpli.fi	www.stripes.com
1	s.ntv.io	www.stripes.com
1	cdnjs.cloudflare.com	www.stripes.com
1	cd.connatix.com	1 redirects
1	ajax.googleapis.com	www.stripes.com
349	91

This site contains links to these domains. Also see Links.

Domain
ww2.stripes.com
veteranjobs.stripes.com
europe.stripes.com
guam.stripes.com
japan.stripes.com
korea.stripes.com
okinawa.stripes.com
obituaries.stripes.com
militarychild.stripes.com
bestofgermany.stripes.com
bestofpacific.stripes.com
letterstosanta.stripes.com
penpal.stripes.com
printshop.stripes.com
www.stripesstore.com
twitter.com
www.facebook.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
epub.stripes.com
dodcio.defense.gov
adclick.g.doubleclick.net
www.addthis.com

Subject Issuer	Validity	Valid
*.stripes.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
downloads.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
unwieldyhealth.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-09-27`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
delivery.trinityaudio.ai Sectigo RSA Domain Validation Secure Server CA	`2021-08-30` - `2022-08-30`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.addthis.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-01` - `2022-02-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
outstreamedia.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
gallery.mailchimp.com GTS CA 1D4	`2021-10-23` - `2022-01-21`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Frame ID: B6328F77F720B1739FFCE199903EDA8D
Requests: 205 HTTP requests in this frame

Frame: https://cds.connatix.com/p/140482/connatix.player.dc.js
Frame ID: F7BF8C5EF9A1B35BF635DDD87ADFC13F
Requests: 21 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Frame ID: 6F0A39F8A2856DE19536578C3EB1CFFB
Requests: 7 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C6D59F6356C0AEEEBD266D5A869C90DE
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 75842A8F9C8B2A0A36E79AC6CD671A94
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 86AE38F30D9A6965F2ECB82F6EAD17CE
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Frame ID: 03302D6E0A2AC36A088C76DDEF4D47C1
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Frame ID: 867DCFAA1D3BAE694EDE3A6EF6AAF686
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=f9ef387f-945a-43ee-b14c-0c7ccb2c19ab&isLegacyBrowser=false&version=20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8&useCFCDN=0&themeId=267
Frame ID: 6A88D1BED1B463F8DFD4C0C837BF4F91
Requests: 9 HTTP requests in this frame

Frame: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7ADC54E53AD65D8647DF3B20AAFED944
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: C3666BEE8EE5EB68859C70EB7838B060
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: A68C741A3BA04B2B4E5F83ADCB3E4D7B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: CF1C53AAA639B2CAE8DC6FA79D091A2F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz6A-lS_t7XACLeEgZl4S3j5D6Qy-Nlo-t_ChE3XiZRZX9Z4uRoRMeBOpOKWA1ruIkGBzmKo_X1xeql26HJ2qcBQ9xPVNV5NyoP3Hej_tYCfclKL8y0RZO3fuDlgjhaAshGywA0jvRFCm00nUy7wB8VtF4oeww9hUXr8dhXAupG9qVzRd9hzQhfR4Y2CDWKWSW793z8zx1DEsep87InhyiWQoDDV-qUooBbe4xvkjHfN6ASboyGXIobOiM4-fLzaqRI0Q9aBNm3x4Wjnowxp0gl-95FPfgGv5RHkyEdhdDTB43x0zqkU-XbS1MAxvKlDqj2w&sig=Cg0ArKJSzBs_zAB6WIc1EAE&uach_m=[UACH]&adurl=
Frame ID: 1293E63322B506AD03E3A11B4B92ECBF
Requests: 9 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 091B2BDEBAF423C83E52962A1D34CAED
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: A770571834B47DA9BD3E7D196AFB9FD8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D7991357B079F5902635940FF2C9249C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E036DA6413C7517DF23CBE876EFDF808
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F745C9E5140593AB209CB10C35960518
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1qn3tE6pyLtq4-F66ov3aYNj6ZCuoCyPgc-iZKq6EYtM0yFDeoo7GYwyfkyEZ8WrFqWRkj-Nir3ugaF15gOVhIBc9iMIhbcOYtD3u2Ywhp4DhAHxhtYWAKwvG3VBNdY4lGqfIitc7tGSCvfWEMbThi_Q3sjbG2m0gIjSKh2RY8ns2lrSMZkc-ZQQ7y4I0gUs-EjrcEx_w8DqfrE8wv8nzaMaWTJi_lG6GDv9VT8MXZlTE7ZTswNtv_vjjWO2CbwroUf16zWqgF4D4RCM5fQVHtq-QgR9Cmnfxg4KPKcHuyR5OGMFQLjUCskdvxV4nIDLM&sig=Cg0ArKJSzNEGgqwgCpxFEAE&uach_m=[UACH]&adurl=
Frame ID: F47F4100A76D8C83271A6995358AE302
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkq4OV4PEo3ykeR3bi6a0Q9YpFU49Jwhyh7u8MmwtMNxfj7lohf3hZtKgXKpYvNTM-O-pQIBKoAclY82Ho_Dk1-sNcxFgle58AmOCLU2fW0J_9WHapdTeFiLJQesncNJeyVBmKoZjkCGNM_F0sAUBlf9NY0-xVz8hZ3_F5hfow9FbRwWi-5B6fc-YIvu-HQ3JCw8xpPVqrYLFcdV5DX73drnbQABNezyM3qoaHtqJvR3FtkavrrTUbxH_DP5KOGzYAvLT4IlieBcv8Bo32h8KKDncxbbVGE132eW7WLrbbwgTfUSS3v-zqLvHMEMVgFv6diQ&sig=Cg0ArKJSzONIW7vtXI1IEAE&uach_m=[UACH]&adurl=
Frame ID: 18FC6E7C9FCE42583CAE13476979E85C
Requests: 8 HTTP requests in this frame

Frame: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9592AB9B1F1FEC1D950A0D99F1289092
Requests: 16 HTTP requests in this frame

Frame: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C79B366498D0FAD9D908AFAAC2397335
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB7C65D7640AD579AB941C3872773FB3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E21EF02CAB0B99079716DB77E809070E
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 20DFFCD6B5C76BC92F07F38FCA179D77
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Frame ID: 70C6E62DE94E7B10543A95A10E77D79D
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4B7B34C2A7FC1D870C02E4C519691E6D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EA75D04CAD87822C1B7B4AD1E5169B3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DAA782D2D40A9944D5B4A265C970348
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1638771088543-956670011783-005724-004-004919&biddername=55&key=1745699476523475939
Frame ID: 581F7296A46993F363ACA8C47B6CAAB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pegasus spyware used to hack US diplomats working abroad | Stars and StripesEmailPrintRedditTwitterFacebookPinterestAddThis

Page Statistics

349
Requests

97 %
HTTPS

44 %
IPv6

46
Domains

91
Subdomains

80
IPs

7
Countries

9219 kB
Transfer

19308 kB
Size

55
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://ww2.stripes.com/subscribe/support-our-mission
Title: Support our mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/communities
Title: Communities

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/veterans/valoans
Title: VA Loans

Search URL Search Domain Scan URL

URL: https://veteranjobs.stripes.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/rewards-for-readers
Title: Rewards for readers

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper
Title: ePaper

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/archives-faq
Title: Archives/Library

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper/special-publications
Title: Special Publications

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/apps
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/newsletters
Title: Email Newsletters

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/digital-access
Title: Digital Access

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/home-delivery
Title: Home Delivery

Search URL Search Domain Scan URL

URL: https://europe.stripes.com/
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://guam.stripes.com/
Title: Stripes Guam

Search URL Search Domain Scan URL

URL: https://japan.stripes.com/
Title: Stripes Japan

Search URL Search Domain Scan URL

URL: https://korea.stripes.com/
Title: Stripes Korea

Search URL Search Domain Scan URL

URL: https://okinawa.stripes.com/
Title: Stripes Okinawa

Search URL Search Domain Scan URL

URL: https://obituaries.stripes.com/
Title: In Memoriam

Search URL Search Domain Scan URL

URL: https://militarychild.stripes.com/
Title: Month of the Military Child

Search URL Search Domain Scan URL

URL: https://bestofgermany.stripes.com/
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://bestofpacific.stripes.com/
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://letterstosanta.stripes.com/
Title: Letters to Santa

Search URL Search Domain Scan URL

URL: https://penpal.stripes.com/
Title: Pen Pal

Search URL Search Domain Scan URL

URL: https://printshop.stripes.com/
Title: Printshop

Search URL Search Domain Scan URL

URL: https://www.stripesstore.com/
Title: eStore

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help
Title: customer help

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact
Title: contact us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/miscellaneous-faq
Title: faq

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/advertise
Title: advertise with us

Search URL Search Domain Scan URL

URL: https://twitter.com/starsandstripes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stripesmedia/

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=iYovCo3thPFvI8Htt%2BNUUvZ6mKLhEiNjQ9ZfO2vih2V7fbzJqvFY5a2HXG6vvrV0wwlbTW%2F5eeBxZJaDUXyuws8OP%2B65JqzwAExbSP4BJoodjH9bRna62bI8KHLxqIXGftew1%2BehWh7DqKhQXjQSUAW6HWlSUQddP27cWLAVe7x9hdo3ndTgddQZzOERrMW1jC9DPi%2F6Ohw3%2F7g2bDWpNEeaBfrjzlQPRMWRRu%2FQmUDQZfflS%2BrfxyBRjtk%2BgcB74IbuEseQCSCgRidwWzWUaoXZ5qwrb1k5%2BLmUC0P4O9MuG%2Bx5wWXCw9XYRkFb1iXgVrcC22azhOvohmwRuS2jAuwJLY7elhh2XPti1d2hDTvkZPx4ovmwQ4kvgbIkQVuMZV4W6dZF0D62amVXyi2frQiXNzkp7t6%2FadB3te6YwV0SgVwqalc%2FNtzUSNqsQ09XKkNoio097CecAY2Lre0KHjG3HtoRpjQ8UvmtrKsdqORKHaaeSb8siaLVqK7FgjniIt5NfpXzlgyzZhZHWVWH1LTccA9GOk6up5BXMqyBVZaILayoAqNByUl4bOH1ElKbenVXGf%2Flxd8LTgYEY9670EpU18NE%2BJsRr%2FvhkT78rrizUkiTpNyoN3gUb6XTpjof9N8ys5uBLG7M92QzaT%2FstOfe0ruHpnAs3bBVlQYY3D1TVnvqwDIIpqxrUIYBm95roTjAEFOfepR8gmEZG9fXysO6D5I8YDx2%2BMXfTpMFKdcttg%2BuJgXvQjJSmNLbN2RB954My8b53pg4ZGSvMqHcLaFLdyS5X%2Fli%2B8fzQWm%2Bm%2FeDBerbdsbp4ALWqYXeyhb5ZQJ3VdEy15YHMkdasnZ6uCUFpuSCN41lim8PlUCKcL6Ubb%2B1ecPa27cPZ90PHbDyMNIQXEqufaR86jap0%2BM9nHu5vIZBoU9WI8EUOM%2B8mLrratPxrbQWaEiPN8s98Qrv48MJlCE6mYwaTBUH0DFGurbhy1YRMO2Az1Qe3uw26uevI46WDPm6q7W2DxLtr0HMCCvPMVXKyjY6igttsqKkOPzO1hn9WyeGfGpi9lkwNVrrUsjvDVCHnSYhnybKwJJKe61%2FV56vdE8KI6kI8X9zuzDvvPkNk%2FsOFUZAvsnghcATWqRS0O2avXiX4aM6rYYfsL6ycWMIYVc0o0J1qD8t9uBeilYSs40UviPMjTvau1ZwAXe4G43mJoLKwOdgfA0i%2BqUHrzOYErk0TiFIxlKOMWI13eMxgbFiJbIPzHVQrM8muxr96LYWZH5GoK9I76F0TL7xag2Gu3rk5Dl9rEHDYFHLckyQkRf9B3vTCuoE2UK1wnRU5E4gm33ral0nChCLa9EgiMr%2FN6T2dJQ0UtcGHGCp4E8Tg6amlZxj4hxst%2BUxR%2BkaHPwtyBjazM7mv457Jv5VfAuIf3gDT4v4PlSb4%2BUCccG5HghN1ziAEJJz%2BhF410Jz%2B19I2CRUodwex2itDhWFfKDIqMiKlp48YNOpPw0Gp3aHmn1Pt5LV3z7NYGYdisPMFvkOGDEDrEeBq7s4%2BjPsFtHTN26j0uk8QgGdW3QrJ2ApTZOB2aWJ%2BsqDsikfr10npvOlYJgndReAaml0iFDiNp4BojP%2BPP0SEEO2MwXXJRVnaf%2BBCYMRjou3KSKXWEf%2BaQyIcrS7AixCJxrLwdT4lCLdIegbeH2xEyT%2BIA%3D%3D&s2s=1
Title: Here Are 23 of the Coolest Gifts for 2021Best Trend Gifts

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=oU1CxWo7Yzx1FXAEooj%2FQOXvbmeutkIHOlBKaosSq9lKZsIWe0nA8v5x9uAy%2BHhCGD1ZUUuq5gn2Z4s2wC8p3Ms3d1DWN143dXPCyI6PDXeN6o1O5jpJ46Bae4drfAYicN%2BDC%2FXzj2fjkodJuHts6ei7KNPCiIe0GY5Gxj8NEr8w%2BJI1m6r4ZHumCq0uznFOwBSvBvwyvCo6JSPFcKzuaW7YfcurKuL59wmOXkJne%2Fx4OUneg6Em%2BFpvSe8%2BvmTjtERY%2BnZaGJ5WAnUs%2FeKTfbQERW5M%2F7du%2Bzthp%2BfNLUN6C9ea7bvD12m8rJ2Zabyz2td0u8O0NJVucVmPn%2FzxvDnpiOo%2FOlErcQw8rDTX9HsAuRzcQUPrJuHwRPnGRKqrF4Fn8LyKbwGslHFOhrZFzP6SaFiGQXVEEmoLmpDHoBW6jHoeUY4Tv%2BMHGj3FDmm7Q7NWTUUcDBXnzNLBp4AAqRi3Lo%2FHezafQpDkRLeCBDwKS4KCWnpGiW6%2FKCWbt1QL%2BW8x3mxlzJF3BivI61%2BQb6qzlIwlV3DWVNFFzouMS%2FHWdZEGbtwcw0cw08mluLk7iP4NmgCkpuAhzct5oZiyyZTsucAiJSRKfkhG%2BaIE36kAUvCwsAs%2BTdX29ClK4pCqyiH6R3uzWMPYTQvAVKBe8sV4YP%2B0HEZo%2FJZyOYMbB6FbaydCBD4Jzu9hKxbXooYX4png0ixQcbEXKxYHoW9ljZIPzNedzwu5Xi5aJVZR1c4DJBuXY31Imp%2BOMTjwV8OBIBS9dDYhctBw3PExyXIpZpRcxk%2FeeQ1SSOmVimTqhZFGPjwwrinyX6Hf3ZDhAfz4xqf7m4adKFt%2FIv49%2FE7GlGXDRkJfWNXhDaeNly8Bm2gaqFBJDUIs2A0zef1TDEIQE67YWEMTyUEOZEg0yfw7eXGzLvyTf%2FTl5StHcNMavGyMMlOZtdbnhk9qwCxiTvUDJhJGc6Ut7djowXPgkQpbEVLrZD5sppRxdU6J3PUo0jTUzRg2AB90OI0K%2F6UtkaBpYcDiukGGzB7OiMiDtGys702YCEirNAxV5mK1HR7tA3yJ6YYLa%2FHIYg4aotRIbPlFVX1Wx3ggKSBQ4RUSVewWeTKwTDtmknzeVu%2FTy9boE6OHLJfLdSuvI8lr5M2PMj1Rb%2B3SxSL901TaYO6eiPliu59DjpbaGvaHXjm62xEf2xskGbhzOBIdRB%2Fe%2B5zn3GR87hwKCa4cdGQtptFYynJAezjJ4u8NRKB51xs5nqOGmk%2B9Gxn2vcxRjF2ywgtw%2Fu%2B2Ztis3eHXc7Md4DUbv7sAlHlZtR8nLlkEIFdjNGnDpM7xgSZo8YquqZhJqwP7Sjzquh3WQPNF%2BAdBj1DLbme%2FI8yqEe1fRh2ZG07PrpuJuize00FENxyrSMtD2hH%2BGtf3%2FT17MSKelR929z8OgyGXG%2FEtPNfB6f1yFH2TFCOCrY6KfTH%2BihfBC6u3zD45vditt5oJNjiLRVbuzWGtXGtOM6pSCZP7gB0ZjrCt6Z0eSl3Dhvt4mzbTOdZv9BKYZTiTu99ut3L6gDHbRCpqsJD2hVpObAMxXZP%2BpGFzjKXCrrZ%2Fs40DmTTcKF1X%2BtTVPw%2FcxsgjVY3rt%2FkPSFJY3dvGew%3D%3D&s2s=1
Title: Remember Her? Try Not to Gasp when You See Her Nowviralsharks.net

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=tqGn25nH6Fqz3BdrYMyJ%2FDsZMXLsEZDuEjjENiJNnVXg68qqE8at2tq96S4PNqNruy9r5ANZ4IZqmVEITLFhBJHjvdlzdAtZmierLLtNDx8gk%2B6z7dU772kE2Ab9fZ7ZFSW9B7%2FShAkEZMbjP9sVu1RndlD52O2CSI9J9Vt8L%2FIE8bMC25alyEbsKE31ARrMzmWVZbgoSHfLG%2FdwY%2FkoQ%2BrkwxWPsGmLJk4jkDMDWzxqIgJv7IlfpmlMDeDN3OjiQCZ8R9bKTiVYPW5fauDhPfmp6PpP6Jag0cCn8QlrTWdUC%2FOHzzSAu0C82BiNGt7Wq8HR1vvIhpcIu7yLSfDVE9t50TECCqQg%2BdEkWSLAh8pto%2BC4m7kQXpRaVXSqcwYFSszAulRAWuvpI5F2%2BqiOjWZi4atMH3kGFUcd6MN%2Frit0MkgSWu9S9hmomZ1QifiNg90YAbom0oIu%2FDhVBM44LmbJDbXyBs5WNW8rp6jv8EH%2F094w8KcCLzdbLwuKvQtqFW6wLVTgoZRk%2B0T%2FSK0Oupy2%2FQgWbyMO8UOTdrkuPpuT1Geuo0HUuvU0aVw3146KHbaGO6yJ0cCWz7dgwxLoSnl9U%2BZgzGUAjapQ9wjRA8TFZoTXkpOvgduWJlp3mmKZ3%2F%2BsbUR5wPsCCWP6mWmoVc12N5SfCZtliTQfUinrvdGKN%2BDTwVlUk3RCrijS8BXm1uyBSFQ4AhzXIrpTJhQKnUI6kEaIVF1RL6RDlrGtn87KcFVNvdsKU6XXI2HcbkRAmXC8hbO7NxK4NAs5VEuhjJN3rfLTzvp3FWgotusleI9wRbDy%2Bp9dEzLI4%2Bh68Z3UZ67NQ7nCYugDD5%2F54x4Qr2qGe%2BVI1YyrvO4K62IOF66Eshn2x%2FzgpOklAatjDN8Wl3xwNBq%2FFEKLn9%2BZPBmNmfIJhgZDAolQy1eXYhX8bSs8BQryX6STPP3gA5L72BKNKClGZRrhJPyAZu33c6BNYVPMdoZ6YEFd9PppWtP4MmhGZMAfy9hRy7MaV%2BH1yNvuptUNkSCYzx7oQDlPvpA080QAUsFqu0Nrs3Mz%2BHlDuGcmy0ZeXAIXYvBBvyc4Q3fphLqyimTQH0DqIuYmCBLUcLKkS4wNM8YV4Ku8TiBLWOrMiFmG%2B9F2joC9Y78h8IR0DS4msEcrkvpiJQYEfggzbTPiNtEiyL9JKEP8hHiOMNz3kEaKmeKEstHMLN7l8O1y8q3RYZKZOoD7F1N72QTzO5Aw3k%2FRgrkEI6m2pPTwvqxfnd38ZCCWeRD1NvkDOWvjfNAyR6dA5J8AsAuPd0qCgq3cuZz1rUXW3h3DNd4qVpNs8NQ%2Bh2kO9sebcr2UJJZUQTZ%2FvfmTXs7DD98hbpN0UvOgiQt3zDxLOJn017PbXdwLE4QPQDtUuBWbOhM%2B%2FK4sFS9C1DU%2F2g47MCjsvoQ48A%3D%3D&s2s=1
Title: London: Why Are People Snapping Up This £55 Heater?TrendingGifts

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=31p%2Bbx65oCQhprYtVzSMR7hEPXX9N8ll3XenXew1AuATL8eQ7ZOvGZbYgWAJaVAxTTqUuqPS7UKSVTl0H9KtJDa8PA7zRdNHMxSRsdx8exIUoH%2F7d7%2FqTBaBzviNxejprNiIaOH2eF7XsCLc7QTp7ml5r3rTSuNvl7VYslTssPNUrLB8Jg0Ft6kg1rpoLmDfLfN0DGu4zF%2BiGTcEOhdP8BNqPGvQ48G3neQQWWD58KCBxfK2aXrVuLDm5T9wCQDo47DUEGKC0lKi%2B3aW7pP82%2FD9CqQNg0XlHLH9Z%2B9%2BdkUhMHM8p0IjzYhqidAKeebmY7hhis41%2FFfUsxpKu7u73YWuqFT6heY4q6uJ%2FQ3wlHwPfwAb7pwcl08zQMOB%2B4L5fFOyx3B4mwpojL%2FIQkg9daFYwaZ5x5rnCB2Pvc0vxUqwS2uvXW63B80LKRKpORyC%2Fq%2FNZ15pFb8irZ6b959%2BxT8mNA2PBPLbXEeH%2FfGk2iG4HEbGcmJQ48B7Jgzbu01bdvJ8BVzjuVXEB9UcIeFS%2FVbVSHASCWhsSU6vPdiJO8ZrHNRsikurqTLzdxMaQ1%2BclItQs6hglF50ytIcpzdWJfuKAjnvwO2Nkzd4YwXfjWoFyzaUzNUQ2DrytGn22WwCdMLmObeK3vapMqOwrBlsGZ9Y%2FWIw%2FBOqbMDH2aSAbSxlBaYSEh01snccEfzZQZAiqMriQbxLNka8J0%2BQk8B6yjyMbg%2FOBeP0JeDno%2BiUxF4hjrSAxBlhHKf8UIMOkyBPznfWd0I7pBto4uXEDViiTy7Tnn7nuO3ZR8lKQ6W6fC3WDRv1RTEtaZYCVCfa2r%2BxpimyzTvgj6eXMEnpZAhkcmkQTSX%2FGL5fDogVnOh2G63OW33ToNdF98KZO7opav%2FxElSIcfnkMm1kSgKuWwSR8ugJ3Zd5%2FCDHzKngJP%2FK%2FUqwlr%2BBVrhmqcJ6JtUsesEjOoYuGB0qB%2FebAI5D208%2FE8hHsW9MUA53vrKEMKDpvx7wZnZxqbm29SzJe2%2Bxkcu7oJizoc47f3t1lGhXvi3JDSUjYxwPLGTbzbvqF7l%2BuL%2BLZ9m%2FEsQn3Zz1sI%2FTPi2pdbjQi6%2BpA7AwysH1o11bWANF3Na%2Ff9H7LNXAbc8bVIvFYf5H7CdcPHC7JwlgDXW36z%2FQYJt2S8psvL7doCo22U5Eu%2FmoxB3A5e7H5ETNEc4cSZGYgo2PcFpeZlMZiEOzLcpKzkYtu9ZdU3d5NPAfXiVtCF%2By82HVal7OFBEfxV3Z373UGEkONwMqp8MtHqPbV1DdHKQU9pN643QqDndkwJ26zP9OiKqfbC1Uf9Z56TQqj9Lg9cHnyHuLLTv3hfaTOKdOoFTIf44SetQfpckVb48G%2BDMzd%2BoJ0CoL%2FYijLjGrsBwZV5Ix4dgw8JOp%2F20O&s2s=1
Title: 32-second Stretch Ends Back Pain & Sciatica (Watch)Patriot Health Zone

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=9kLelhy0um3rf5ghvawp5u4S5sB%2Bx55JxI3%2BABx7rg8jeC7k7fyo36e4y465LwXmucqRfqyKULlzfJr%2BbxBwzYiblIdDkWQjonHJytDzZv%2Byi57kQRGq1veQf%2F3Jpqe%2BfFRW6YA6JsqNs3Boyw2LeHlBfNKDsnIN6BIbYCLREIx4RSKbJAGVPy0y%2FLfyYY%2FxJW1qPjKfFUZNYn3EvBV6QIAVAKY7HnLbVp0MtH8Qx0kgHQABk7herjQhBi3JnzN0RGy0jNmJjINlIddYXp0TzJsykiJQJPCbOZJYyD0IZkKD%2FirnjLzpiR1U2U1e2AkNeWIZr6RPvRkIMKQejLOOEBVu8j8AaMxriRxrL%2FOVJ%2BlYWk4z1GA9Z8%2FXAKa%2BUAMZDyUq9zpbd%2FJtUXXBTisPRCD%2BmybwAQFb5fNdfcgCFvqU%2FmA94LD0OjAGb4guWnF6gFLp2WEMSMvbgSZbRPEGFkOprmp%2BCS7rOUsX5n2kDfs2ZNPJI8H7DbsLF9Gugxa3JgMZlbHHJrsHAnDP1o6U4O0x6tD9mxqpx86A%2FXAwOWpe61NmYq%2Bge9RlRLXcm673n%2B8vt1nAZtQplLAFKFjpNPvhouz09mfj5Zy6vgP%2BraqLMPoeeK618GERpV1u%2Fo3xUqG1H8K7m1InZRtgD6%2FWE5houeWtyA1qAZhZLiQxkxIwPwN9yeGfAvMddHRyHErXZePBxinW8JytMxEPbEo6SlByNN7rxFDaiz5O9afko8HKgA50ihOklclp5U5yr6gywlN7Ex%2FGgohHi1g6TNDKfpQFBeDza2quZQQVaNmiyH0kreUcHcVihrlZl%2Bz93ZjIzPTPNdS0xBml7ZX1FEDdNAQe6UEqHSzrVKgzi9dpZhz59EK892f6svRbU8pkRydXipMqfOt23rPoTHfYJXD8ebCMxp%2BNtzn2AzIxQalnBaHh2bhYdVEzm3JJcrjI87ABGPsXZfNgFQr3OPwOcFb8lW2F6%2B00tfbqjkm0wFmxnQTFVgHJznCW3AqP5mZHoObKMSIjYg7E8ZI2eZZhBjhIKT1PGLhtGUP02QtvPubPHQ97bSsAyuGppxZetxZEuJEeE5dZQ4PImijGtixZ%2BjfQlfM3S2B36b%2FDznqSzqorZj10x9ZjAFWcgAbdgNohkq%2BkVb%2FlxBQhB0nwO%2BIu7G4udGIPYs2WXf%2FcSXRixL3GvLTke5IhoXhS6ocjK8dsJ4LvT74pqIAQp5tGXEfqaYIZUkpM7qhr7uY6jQ6cmMdyMj86nHviGGJyT1uLZhh656tEAkgmmivZ8alvacnQyCRw7cBLKDsnznBFBhiYfHBsUB6i6ZSSE9vgD2bzVcmMv5x0Z6PTn6dWI%2F1DzYiUeDWcPpwfvDNw2C%2BHXwpzHJZYV0e3cMjZKQB7u4uW39DXj0T28pcfF2JqchR5vmU1I4LSKBJhdD58J3uNgxbIsxaTtt4mbmx7PXbHwiET%2FFG8DlLUghhCqsgf0X86N3qpMy9eYRFFh4BnRVLhAzlNAu4J91rrE86UFcMtL4eGZDA%2F9xavidHFykArw0YLOWyV49OmQm0y1AhVy9%2F7eYGMuTooNsDOyMQRCe%2BygORlWjc813WYWo8O%2BSr2nKKE2ufsnR2vRsvwYtY4FCnntGqIItqKcq0%3D&s2s=1
Title: Urologist Warns Men: Start Doing This Tonight to Shrink Your Prostate (Watch)Healthier Living

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ZbWppHmsMxA%2Fj34QnyKvswdzNX04voARsLkqTkZAEkfoLScuEbtvYn0Hr28b2Ao5zS%2BT%2Fh9%2BNMC5Cg3xuikQyLIbTFXB8LovQMFvFzqfySPnX%2F%2FbXy6Q%2FH99LmuxZlR%2FBdODeXQlaoPGpCNlKVd%2FcxxMO3WxiazRdNX8viubpuxUOIM%2FaONbFJ9MZIcl4YHHz%2BD3Icqo2VvnVFuExTyHB9DKJGWfUaKZqjVkcJTDjVHRpBbDEuqGdalnKrtD290j56zHII5kVySLoMX57qrFmEgFMzmQwFT4AExHZxW3PHqLziUPoOTmVq9KTat45YOybGhwNmn%2BYp9KgY3pN61V%2B03Gi8piKB4tmbqvCPZzozmkWab3a9FJgk2%2Bwbqv7Y1T%2FJ3bQ%2F9FvJgeoNBB00yGz8JsZX%2FptD2vuOJIJZ0paDVf6M1Y2a5zo0cSOS3iv%2B2cvzHzj2YqD1Zu29Mhw87FZ9KQsI5DeMkJoA1ZfVJjYaOOYC5yarLO5jfGrxxysirVYRNK1wx9ycnSzxBfwRvpZVNawvF9n2Iub5DB4%2FWlr3c7l3J%2FgvE9ktDDO7CmCBpETP4fhL4GwSxkRStky5IkiLAsY6ZNvJloSF6zwxBHsTnVjM5L3NGIELYyEzPhe4hHrSfs2Wi71fEut%2BC7g9bKfyoMGbZXdrej%2FAa%2BtjuxMhBufujewI3NdXBIRC0nm9qwNCoCXDL80lQ%2B15%2B6AKn53wTdd%2FBtQ6Yy%2B8roAf1B5jjPmryKCQ9d9S3C56Js1tgiOWgaMCoeGAZsGaHm7w3FmeuUI3QwrE6sHAyYrJ67SwuuuW1s6Mb8hsRNl4aWdveqPHy4xfWI3tNf53jUj1mvT9SFjmj03YX%2BvcbXXpMoj1jHNeAxxF7%2FHUGa%2BKPxx4eSlOaQvkWOhabzZFEXKVWC07PEIWGhWtD9rLDaIq8QvcM4HX4QsToVJrn%2FpUqVm%2B%2BKncwU8g7fTH115GzIhshndQEjVTIAB3HVZNDG5Gk0FRD4j1GY3gA5p28UTqwETdsVPBCUS8%2FKgUrkh3%2BiSWJALDMpd8akawifw7NykdgjfBNKkdlMk3IPHrsbOd%2BCk5A8NmuFinAEUreOHBW1wAYIJlcqKBXA91OSA4LCztR9Jl5f%2FCbk5EbFtohDIBLcseAMgYyRxBMbWHx1lUPDRrVqGn1W9Pz7MbStULv52Caa7J%2BUVkAtIx2iCNo8KQ668YnlQbZv6tPMKwQbUgGF1yRdd5PYqtVkKVYwfYFFWv5rRYIXDJ7lENDz6MHOzRRuJ3L%2BRg0yeQiCZSAA0LdR0ENCR2bZL8JfvEME2uLlSzF5OcsncrGUdWXL9TIAkJK8hlm%2BC0LYguGDizaFg7321TQ0HXnnobI3L7xZlo9ZeRHZ9Kz8zp08FOhyo60YMGDKSymVlzCqfEtUqyVwbik12utkOw%3D%3D&s2s=1
Title: 35 Reality Shows That Are Totally Fake (#3 is Indisputable)popcornews

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=GSS_GSS_latest
Title: Today's ePaper

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=MID_MID_latest
Title: Contingency Edition

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=SCOM_EUR_latest
Title: Weekly Comics

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Stripes-Europe_latest1
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Pacific_latest1
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1
Title: Welcome to the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Germany_latest1
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Transition-Guide_latest1
Title: Transition Guide

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1
Title: What's Up

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#about/
Title: Our Mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#history/
Title: Our History

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/member-services
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/directory
Title: Staff Directory

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/archives
Title: Archive Services

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/reprint-permissions
Title: Reprint Permissions

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/web-notice
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/stripeslite
Title: Stripes Lite

Search URL Search Domain Scan URL

URL: https://dodcio.defense.gov/DoDSection508/Std_Stmt.aspx
Title: Accessibility ⁄ Section 508

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvUPz5b50PZu2bN4p85e8J9c5bUs4mHxvozuKftZPeLccvnp5agVn2-lKjVgxv9H-E64cxWA0C9D_FDUy8vyAWCmHTrSqY21bCVi49VhIaknrZZufckL47lkAV1ZSK9lxZ0k02uwUp1P2zs1vKcWUYi1vmIgcOT8pjdqZlNU6Fp3B1WgrxO5_FEnWRtZALD-yaaVuTJ9Yq5fI5APLEZWcFd8bcgO_92VhCD4wkRYCcKuhczAV97TC6AVfixGHnKmmEVJCzu_iztceT3RFaAhh2-po1ND05IFbvctOzECRWG4lut0dGYwIZK6ns&sig=Cg0ArKJSzJOIykSxOVBxEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://commissaries.com/come-home-to-holiday-savings

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/140482/connatix.player.dc.js

Request Chain 31

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

Request Chain 32

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

Request Chain 33

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

Request Chain 34

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

Request Chain 35

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

Request Chain 36

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

Request Chain 37

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=GSS_GSS_061221&page=small.jpg

Request Chain 159

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=QwHTj3xjNGh0dW1mQ1dsTFFxSm1OQ29SZkI3eEthblpIVUROdXpBQU5YOTdJT3UxZmZaNkU0STdkNHQ0dGE1Vmh2RXR6OVlUbGFENEFsRDJqa3l2bFJPeVpnSVlpQjhuUXdVUzlFSENTYU1wTG1qd3pBclM2WGxPc1BPV2tkYS9oeTVJaVVpdkZnV01SQzB6ME1BUTZQTlZwWUEvZVdIR01RVVduby82cGtNRW9GbFBqcUJGT0RyTkUvcXcvOStGMjlla2VXWVRuUXhpeFphZ1ZLaXp1VitHQlpwOHhzZ1RMQ0hXK1BQb3FIekhzdnE0PXw&cppv=2

Request Chain 316

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638771088543-956670011783-005724-004-004919%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638771088543-956670011783-005724-004-004919%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1638771088543-956670011783-005724-004-004919&biddername=55&key=1745699476523475939

349 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pegasus-spyware-used-to-hack-us-diplomats-3845657.html Show response
www.stripes.com/theaters/us/2021-12-03/ 87 KB
87 KB 1678ms
1371ms Document
text/html 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 67c9a47d1877c80006b4f99fd6a64a855cd29eee36577fd1554871cc2aed9035

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
x-request-id: c3a39320-cc76-425f-8cff-faff0e170352
last-modified: Sat, 04 Dec 2021 05:48:49 GMT
etag: W/"2d1c3054c5ed4a2ad5c6c412f4fc005a:25"
x-cache-backend: web1
x-varnish: 11103762
age: 0
via: 1.1 varnish (Varnish/5.2)
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-cache: MISS
accept-ranges: bytes

GET
H2 200 ad.js Show response
www.stripes.com/theme/js/ 3 KB
3 KB 135ms
135ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/ad.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 12 Aug 2021 13:32:36 GMT
server: nginx/1.20.1
age: 204
etag: "611522f4-b00"
x-cache: HIT #40/204s
x-varnish: 20514850 19169840
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 2816
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.0/ 91 KB
33 KB 115ms
31ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 16:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33140
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Dec 2022 16:21:50 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 117ms
39ms Script
application/x-javascript 2600:9000:2315:6400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:6400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 04:24:37 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 6407
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: nHIzjXRKSxq0n7B-flcTI4oAPWfXuCoVR48iuM-9L3HXptBolSHCkA==
expires: Mon, 06 Dec 2021 06:24:37 GMT

GET
H2 200 ltm0ibz.css
use.typekit.net/ 7 KB
1 KB 214ms
57ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ltm0ibz.css

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 06 Dec 2021 06:11:24 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 954

GET
H2 200 layout.css
www.stripes.com/theme/css/ 173 KB
174 KB 99ms
99ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/layout.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 02 Dec 2021 15:05:14 GMT
server: nginx/1.20.1
age: 280
etag: "61a8e0aa-2b559"
x-cache: HIT #50/280s
x-varnish: 21467061 22480779
x-cache-backend: web2
accept-ranges: bytes
content-type: text/css
content-length: 177497
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 font-awesome-all.min.css
www.stripes.com/theme/css/ 58 KB
58 KB 170ms
170ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 21 Oct 2021 14:19:41 GMT
server: nginx/1.20.1
age: 280
etag: "617176fd-e7d0"
x-cache: HIT #47/280s
x-varnish: 11103764 21236518
x-cache-backend: web1
accept-ranges: bytes
content-type: text/css
content-length: 59344
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 stripes-logo-black.svg
www.stripes.com/theme/images/ 19 KB
19 KB 120ms
114ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/stripes-logo-black.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 01 Jul 2021 16:50:58 GMT
server: nginx/1.20.1
age: 125
etag: "60ddf272-4a32"
x-cache: HIT #12/125s
x-varnish: 11697725 23430233
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 18994
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_twitter.svg
www.stripes.com/theme/icons/ 517 B
806 B 119ms
113ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 114
etag: "60a5e7ec-205"
x-cache: HIT #10/114s
x-varnish: 17959186 22547285
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 517
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_facebook.svg
www.stripes.com/theme/icons/ 391 B
680 B 121ms
115ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 198
etag: "60a5e7ec-187"
x-cache: HIT #24/198s
x-varnish: 19138843 22646001
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 391
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_email.svg
www.stripes.com/theme/icons/ 587 B
876 B 121ms
115ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_email.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 238
etag: "60a5e7ec-24b"
x-cache: HIT #22/238s
x-varnish: 10282765 17435303
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 587
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_copy-link.svg
www.stripes.com/theme/icons/ 699 B
988 B 137ms
131ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_copy-link.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 238
etag: "60a5e7ec-2bb"
x-cache: HIT #25/238s
x-varnish: 20514852 19169829
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 699
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_print.svg
www.stripes.com/theme/icons/ 591 B
878 B 121ms
116ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_print.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 75
etag: "60a5e7ec-24f"
x-cache: HIT #6/75s
x-varnish: 5858510 22514525
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 591
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_add-this.svg
www.stripes.com/theme/icons/ 509 B
798 B 137ms
131ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_add-this.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 209
etag: "60a5e7ec-1fd"
x-cache: HIT #22/209s
x-varnish: 20807889 22645945
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 509
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 122ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCJSRBS

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6cd4d07c830ae0db165fec192c436377330f093ce97fbe6af19c41ccee5ae83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29674
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:24 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/140482/ Frame F7BF
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/140482/connatix.player.dc.js

1 MB
232 KB

25ms
19ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/140482/connatix.player.dc.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5bd347e9dae9ec34879d4efd95c533f3772e972964d47edceb1297c03e086805

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:04:31 GMT
age: 841609
etag: "53d01b3d1aa4270da3b3b1d85de185c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 236844

Redirect headers

location: https://cds.connatix.com/p/140482/connatix.player.dc.js
date: Mon, 06 Dec 2021 06:11:24 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 The%20Defense%20Department%20is%20looking%20for%20a%20few%20good%20h
www.stripes.com/theaters/us/406191.jpg/alternates/LANDSCAPE_910/ 107 KB
108 KB 121ms
116ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theaters/us/406191.jpg/alternates/LANDSCAPE_910/The%20Defense%20Department%20is%20looking%20for%20a%20few%20good%20h
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 5ca44a1643b25bd0b4b266e1d1a27fd6708f6469dcc571b9295384906aaca56c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 4161
x-cache: HIT #2/4161s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 109807
x-request-id: d7b1a477-c253-41ae-b4f3-e7263467c717
last-modified: Fri, 25 Jun 2021 02:14:41 GMT
server: nginx/1.20.1
etag: "1638597374.3952296-109807-3976467350"
x-varnish: 17959187 16712749
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 06 Dec 2021 15:32:06 GMT

GET
H2 200 12-5-21%20bob%20dole%20ap%20obit.jpg
www.stripes.com/incoming/1eeg0k-12-5-21-bob-dole-ap-obit.jpg/alternates/LANDSCAPE_290/ 11 KB
11 KB 137ms
132ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/1eeg0k-12-5-21-bob-dole-ap-obit.jpg/alternates/LANDSCAPE_290/12-5-21%20bob%20dole%20ap%20obit.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a4158059621512441b8a6e9b8eeb01e86d6e44a06f9fb7727f8dfb28e4ce9a8e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 2191
x-cache: HIT #114/2191s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 10752
x-request-id: ef2fbd81-de03-4ef8-9927-1a748f8ff835
last-modified: Sun, 05 Dec 2021 17:33:23 GMT
server: nginx/1.20.1
etag: "1638725653.659454-10752-3035372196"
x-varnish: 19923646 11103513
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 06 Dec 2021 05:34:13 GMT

GET
H2 200 031221HAWAII-WATERphoto01.jpg
www.stripes.com/incoming/ji75ru-031221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/ 13 KB
13 KB 136ms
130ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/ji75ru-031221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/031221HAWAII-WATERphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 2b25c06a79fc4bdfed55f1035ef2e48738f1c126835516ee8cafa62fbdbc551b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 9458
x-cache: HIT #954/9458s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1
x-cache-backend: web1
content-length: 13130
x-request-id: a414ba83-eb2f-4be0-af88-2800f7269f15
last-modified: Thu, 02 Dec 2021 02:23:12 GMT
server: nginx/1.20.1
etag: "1638549984.2067442-13130-3559725683"
x-varnish: 22480952 7266631
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 06 Dec 2021 04:49:09 GMT

GET
H2 200 12-5-21%20kirsten%20gillibrand
www.stripes.com/incoming/2pefs1-12-5-21-kirsten-gillibrand/alternates/LANDSCAPE_290/ 10 KB
10 KB 137ms
132ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/2pefs1-12-5-21-kirsten-gillibrand/alternates/LANDSCAPE_290/12-5-21%20kirsten%20gillibrand
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: f40ef676d07c47cbb355c2dbb4f9014c8d9c7ac5d64ee38203674958abb0b3bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 6967
x-cache: HIT #658/6967s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 10325
x-request-id: fc1b4dd2-469d-468f-9146-79fc7e44c502
last-modified: Sun, 05 Dec 2021 15:53:13 GMT
server: nginx/1.20.1
etag: "1638720851.6452265-10325-2264277396"
x-varnish: 11697726 16787906
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 06 Dec 2021 16:14:52 GMT

GET
H2 200 Dept.%20Veterans%20Affairs%20HQ%20-%20generic
www.stripes.com/incoming/7n352t-Dept.-Veterans-Affairs-HQ-generic/alternates/SQUARE_100/ 4 KB
4 KB 138ms
133ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/7n352t-Dept.-Veterans-Affairs-HQ-generic/alternates/SQUARE_100/Dept.%20Veterans%20Affairs%20HQ%20-%20generic
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 81396e680524ad2f2e208ca675b00071f77a74cf6e5a3b2334351f5b864ced50

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 41222
x-cache: HIT #5671/41222s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1
x-cache-backend: web1
content-length: 3832
x-request-id: f165c183-bd2b-48cb-9a37-c1d9ed6f12ac
last-modified: Sat, 29 May 2021 00:24:01 GMT
server: nginx/1.20.1
etag: "1638510630.2209702-3832-3118404484"
x-varnish: 6631553 9034185
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 05 Dec 2021 19:12:38 GMT

GET
H2 200 6811264.jpg
www.stripes.com/incoming/cx8u7z-6811264.jpg/alternates/SQUARE_100/ 4 KB
4 KB 138ms
133ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/cx8u7z-6811264.jpg/alternates/SQUARE_100/6811264.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6c290af6ad449b8fb63f0ac82b9195d1ec70c429a9205382a2a2ad487e5f7622

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 41218
x-cache: HIT #5605/41218s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 3599
x-request-id: 27e275fc-a36d-4be3-a840-5793f0355112
last-modified: Wed, 01 Dec 2021 22:43:03 GMT
server: nginx/1.20.1
etag: "1638686670.866837-3599-482808991"
x-varnish: 19138844 15480668
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 05 Dec 2021 18:44:30 GMT

GET
H2 200 031221CHRISTMAS-DROPphoto01.jpg
www.stripes.com/incoming/whs3tt-031221CHRISTMAS-DROPphoto01.jpg/alternates/SQUARE_100/ 4 KB
4 KB 138ms
133ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/whs3tt-031221CHRISTMAS-DROPphoto01.jpg/alternates/SQUARE_100/031221CHRISTMAS-DROPphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6dcd0ecf0aff08f6f793db3e75a2445b965655a3ee9ccfae0564280edcc1553f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
age: 4468
x-cache: HIT #426/4468s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 4060
x-request-id: 82e0646b-efc1-471a-b75a-ef06905fb93f
last-modified: Thu, 02 Dec 2021 05:52:41 GMT
server: nginx/1.20.1
etag: "1638593801.50629-4060-105061203"
x-varnish: 20777632 20873616
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 06 Dec 2021 04:56:52 GMT

GET
H2 200 icon_twitter-blue.svg
www.stripes.com/theme/icons/ 512 B
799 B 173ms
168ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 83
etag: "60a5e7ec-200"
x-cache: HIT #8/83s
x-varnish: 11103767 16095570
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 512
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_facebook-blue.svg
www.stripes.com/theme/icons/ 463 B
751 B 138ms
134ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 211
etag: "60a5e7ec-1cf"
x-cache: HIT #23/211s
x-varnish: 11811821 22480800
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 463
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_coronavirus.svg
www.stripes.com/theme/icons/ 1008 B
1 KB 139ms
135ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_coronavirus.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 114
etag: "60b93fc0-3f0"
x-cache: HIT #12/114s
x-varnish: 5824390 17404607
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1008
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_camera.svg
www.stripes.com/theme/icons/ 462 B
749 B 138ms
134ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_camera.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 34
etag: "60b93fc0-1ce"
x-cache: HIT #5/34s
x-varnish: 8491449 22514555
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 462
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_typhoon.svg
www.stripes.com/theme/icons/ 990 B
1 KB 140ms
135ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_typhoon.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 196
etag: "60a5e7ec-3de"
x-cache: HIT #21/196s
x-varnish: 23104210 2325753
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 990
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_speech-bubble.svg
www.stripes.com/theme/icons/ 248 B
536 B 139ms
135ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_speech-bubble.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 242
etag: "60a5e7ec-f8"
x-cache: HIT #25/242s
x-varnish: 21892037 6198306
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 248
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_newspaper.svg
www.stripes.com/theme/icons/ 442 B
731 B 172ms
168ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_newspaper.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 185
etag: "60a5e7ec-1ba"
x-cache: HIT #21/185s
x-varnish: 18613792 15971851
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 442
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_comics.svg
www.stripes.com/theme/icons/ 574 B
863 B 139ms
135ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_comics.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 185
etag: "60a5e7ec-23e"
x-cache: HIT #21/185s
x-varnish: 13572095 22480807
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 574
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_report.svg
www.stripes.com/theme/icons/ 415 B
704 B 172ms
169ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_report.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 185
etag: "60b93fc0-19f"
x-cache: HIT #20/185s
x-varnish: 17113122 10914485
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 415
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

22 KB
22 KB

288ms
287ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 21949

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Stripes-Europe_170921&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

34 KB
34 KB

288ms
288ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Pacific_160721&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

30 KB
31 KB

274ms
274ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 31140

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

32 KB
32 KB

263ms
262ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 32142

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Germany_190221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

33 KB
33 KB

262ms
262ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Transition-Guide_111121&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

23 KB
23 KB

260ms
260ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 23298

Redirect headers

Date: Mon, 06 Dec 2021 06:11:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Whats-Up-RHMN_011221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg
https://epub.stripes.com/?issue=GSS_GSS_061221&page=small.jpg

29 KB
29 KB

278ms
277ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=GSS_GSS_061221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: bbe7b6e6013f03257b5dc02155b8f5d06e4b53444ce0eb3c5e08e22fcf860647

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 29466

Redirect headers

Date: Mon, 06 Dec 2021 06:11:03 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=GSS_GSS_061221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/ 60 KB
19 KB 175ms
59ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3332079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18876
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-ef85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlr6YOZ%2Fc1uD%2FLN6d5NCc2gkJd2QVsDZcnMt8mvUdzhtePLh3A7jzRJ07PIt3hO4eutc3Z9WYBf0D%2BMRVf4ovImyfsXMnTqGwO1XIOm%2BNpu2Q%2BrrhsLDTsRdD2aek1Eij4gZnSMDUdcwb45eIYWb6DzU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b935b4f1f3459c5-MXP
expires: Sat, 26 Nov 2022 06:11:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 403ms
100ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0A) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 277
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (nyb/1D0A)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 192 KB
62 KB 76ms
23ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:44 GMT
server: AmazonS3
x-amz-request-id: AETFR4819FDWSBCM
etag: "1b7539202658ec387521e3f67c07c9e2"
x-hw: 1638771084.cds030.lo4.hn,1638771084.cds072.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63414
x-amz-id-2: hZ98v1lXKDIQ691Of9dETNkUVJttdDjRXheAhzaJPS9q3ZhXxKNA0A/DxmfOVnsbuhgHJfLtc9E=

GET
H2 200 sss.min.js Show response
www.stripes.com/theme/js/ 991 B
1 KB 100ms
93ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/sss.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 215
etag: "60a5e7ee-3df"
x-cache: HIT #41/215s
x-varnish: 10282763 16137515
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 991
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 jquery.oembed.js Show response
www.stripes.com/theme/js/ 66 KB
67 KB 103ms
96ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/jquery.oembed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 227
etag: "60a5e7ee-10943"
x-cache: HIT #41/227s
x-varnish: 20514851 17370119
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 67907
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 main.js Show response
www.stripes.com/theme/js/ 4 KB
4 KB 101ms
95ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/main.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 09 Sep 2021 13:36:54 GMT
server: nginx/1.20.1
age: 76
etag: "613a0df6-f7b"
x-cache: HIT #14/76s
x-varnish: 5858508 1119704
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 3963
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 embed-card.js Show response
www.stripes.com/theme/js/ 358 B
651 B 120ms
114ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/embed-card.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 213
etag: "60a5e7ec-166"
x-cache: HIT #38/213s
x-varnish: 20807888 15024482
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 358
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 poll.js Show response
www.stripes.com/theme/js/ 2 KB
3 KB 119ms
112ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/poll.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 208
etag: "60a5e7ee-912"
x-cache: HIT #35/208s
x-varnish: 10282764 11717136
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 2322
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001605/ 5 KB
3 KB 341ms
112ms Script
application/javascript 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2e1f6865a454721d685241aaed2dc36a7f66cbf746e7b81662b0878103a3cb5d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 2092

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 392 KB
114 KB 182ms
67ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:24 GMT
Content-Encoding: gzip
x-amz-request-id: MFWMHR98YRH2XN05
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: ZcllB9SbA926ZH9KQOz5wPFzA3xkxM/Tym1rK3Gaq8MnlwOAicmhT1g79GTLiRV39G6SUKjvQ8E=
Last-Modified: Thu, 02 Dec 2021 15:07:54 GMT
Server: AmazonS3
ETag: "0de0bc397fd51514098ef13d672152b4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 755212c0-9d5c-0138-7835-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 0
789 B 124ms
36ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/755212c0-9d5c-0138-7835-06b4c2516bae

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 06 Dec 2021 06:11:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: Fr4VnoF9gKS8jIJ9fEVh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 31 KB
11 KB 121ms
35ms Script
application/javascript 2600:9000:2156:600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 58329
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Sun, 05 Dec 2021 13:59:16 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FXZ-GW__OoVx0vYmQNG-76sz9McyKXqEozvj5P_JsHGYv4_QgrRh_A==

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 265 KB
67 KB 147ms
38ms Script
text/javascript 2600:9000:2156:8c00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8c00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:47:17 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:13:20 GMT
server: AmazonS3
age: 1449
etag: "06d52f4a258d8948be6b5af90ded068a"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 68278
x-amz-cf-id: Zxc9-G4Ti1D2q6d5gyB3R78PfpNeZnqTfZSVnLTNIRvvYvK7BWydHg==

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 128 KB
46 KB 116ms
40ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Nov 2021 15:14:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"7ab9fd3318ef228deb0ec630a29c7cbe"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: 9jbFNF22uSpGwB2q4ZV2MbjCwig3Uym_x4QPIG_QssVn2YFdrAM9GA==

GET
H2 200 newsletter-popup.js Show response
www.stripes.com/theme/js/ 369 B
663 B 121ms
114ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/newsletter-popup.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 22 Jul 2021 13:36:32 GMT
server: nginx/1.20.1
age: 208
etag: "60f97460-171"
x-cache: HIT #37/208s
x-varnish: 19923645 21236563
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 369
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 147ms
32ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 06 Dec 2021 06:11:24 GMT
x-host: s7.addthis.com
content-length: 116382

GET
H2 200 esi-parser.js Show response
www.stripes.com/theme/js/ 5 KB
6 KB 119ms
112ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/esi-parser.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 215
etag: "60a5e7ec-151e"
x-cache: HIT #40/215s
x-varnish: 5858509 19925496
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 5406
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
36 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01e159c59de456dab1469e1056e826438cc8130b500566a43bc00914f976c09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c84ba7f6dad43224738e0b6c95399f02790a1007c1f676c6c10ccbcb1506f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61873
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 109ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theme/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b8ada87f6e9500e167b6afbc808f611d85788ae0b1119f75c5e2a3939480b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1064 / 886 of 1000 / last-modified: 1638572771"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26977
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 42ms
41ms Script
application/x-javascript 2600:9000:2315:6400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:6400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 04:51:57 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 4768
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Yk_gQsqiZO5R8GfAx3ZggtP2rhuWFrda2VNJ55uN5HU1YMZ68NgYew==
expires: Mon, 06 Dec 2021 06:51:57 GMT

GET
H2 200 v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn Show response
unwieldyhealth.com/ 103 KB
30 KB 90ms
30ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

6dbec6d796db1b8f7a7a02af4f31910f7cfe4a234aa11139c5587552eac84524

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "773d4eeb84e563086f9b30001a1e96f384b0a869aa948042fd2f9f2947a80d80"
vary: Accept-Encoding, Accept-Language
x-hostname: e00eae1c
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 06 Dec 2021 06:11:25 GMT
timing-allow-origin: *

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 207ms
52ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ltm0ibz&ht=tk&f=4750.5022.5035.5178.5310.5416.13728.13732.13741&a=23587097&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 233 B
533 B 272ms
150ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=stripes.com&domain=stripes.com&path=%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0ae4422dc342d3d7b53c2551eaec4549a0d712d9a8bf535e396924e6c3d266e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 180
x-served-by: cache-mxp6956-MXP
access-control-allow-origin: *
x-timer: S1638771085.824729,VS0,VE100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 04 Dec 2021 06:11:24 GMT

GET
H2 200 l
use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/ 15 KB
15 KB 234ms
94ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "b572f0bd95b8852b4b5cc172a1eca0f4af231e96"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15516

GET
H2 200 l
use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/ 24 KB
24 KB 265ms
130ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "627a859e573624681b7c0bd15fd678fc8c9b8590"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24212

GET
H2 200 l
use.typekit.net/af/eae76c/00000000000000007735ab13/30/ 15 KB
15 KB 194ms
59ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eae76c/00000000000000007735ab13/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "e3f91c477dd19e9a0fedbace5e88820ce219a983"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15088

GET
H2 200 l
use.typekit.net/af/cfd773/00000000000000007735ab07/30/ 15 KB
15 KB 215ms
80ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfd773/00000000000000007735ab07/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "4c9391c3cb3a51e8c1761375e24a182226b1d64d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15372

GET
H2 200 l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/ 22 KB
23 KB 206ms
71ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "59a89fb61f21a3edac30327928f715dcac504cdb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23004

GET
H2 200 fa-solid-900.woff2
www.stripes.com/theme/webfonts/ 78 KB
79 KB 97ms
96ms Font
font/woff2 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/webfonts/fa-solid-900.woff2
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://www.stripes.com/theme/css/font-awesome-all.min.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 0
etag: "60a5e7ee-1397c"
x-cache: MISS
content-type: font/woff2
x-cache-backend: web2
x-varnish: 10282776
accept-ranges: bytes
content-length: 80252
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 l
use.typekit.net/af/ccb3f3/000000000000000077359996/30/ 23 KB
23 KB 209ms
95ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ccb3f3/000000000000000077359996/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c9a15506556834fcb140633442b3f233c868bd7edb365c951555d429f608caeb

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "a0080e8a25d0ce5d821eac01bd9821c15609cf33"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23424

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
188 B 443ms
112ms Image
application/json 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=22487b42-1752-47d3-8988-89edc0ddfb08
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
access-control-allow-credentials: true
server: Kestrel
Connection: keep-alive
Content-Length: 0
content-type: application/json

GET
H2 200 player.css
cds.connatix.com/p/140482/ 53 KB
8 KB 19ms
19ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/140482/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:04:32 GMT
age: 841610
etag: "eb561df918de3fc2dbd966c4d0470447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8321

GET
H2 200 / Show response
trinitymedia.ai/player/pulse/2900005504/ Frame 6F0A 6 KB
4 KB 115ms
114ms Document
text/html 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 24e8fc2da87fe2d555d796e55674f1261e49a906059704638f7af8e160c686b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-type: text/html;charset=UTF-8
content-length: 3104
server: Apache
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 l
use.typekit.net/af/c00e0b/0000000000000000773599ad/30/ 22 KB
22 KB 189ms
98ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c00e0b/0000000000000000773599ad/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
server: nginx
etag: "e1769aec92cb7819665871889d342767f1277ab4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22640

GET
H2 200 newslettersignup-bg.jpg
www.stripes.com/theme/images/ 33 KB
33 KB 96ms
96ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/newslettersignup-bg.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/theme/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 0
etag: "60a5e7ec-8242"
x-cache: MISS
content-type: image/jpeg
x-cache-backend: web2
x-varnish: 19138847
accept-ranges: bytes
content-length: 33346
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/ 319 KB
49 KB 77ms
77ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a

Request headers

Referer: https://www.stripes.com/
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 12:38:09 GMT
server: AmazonS3
x-amz-request-id: F7YR0SDC63VE05ZZ
etag: "e87850ff89db5081afccae0397ae4582"
x-hw: 1638771085.dop043.lo4.t,1638771085.cds219.lo4.hn,1638771085.cds036.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49629
x-amz-id-2: 4nBmzWHD3juN2+fQ9i3K+AjI/P7Dg2N6aTLZrDsuAqhvyK26BB0hZyaajspWo6zNeY+5rYGuA3k=

GET
H/1.1 200
OK format.js Show response
cdn.teads.tv/media/ 107 KB
36 KB 176ms
50ms Script
text/javascript 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.teads.tv/media/format.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 14:15:11 GMT
Server: AmazonS3
x-amz-request-id: QPS53VFJ517KGKPV
ETag: "4a63743cc5bc95870e096fabaaf59f91"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=138
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 36760
x-amz-id-2: 9/h2KkKfZWjA8mDdtsKiQpdZjeybM48PoM1LUEoiQ0ou99pSRGdmurJ6L5MTx57vutrJP/sWIJk=

GET
H2 200 form-settings Show response
mc.us2.list-manage.com/subscribe/ 2 KB
3 KB 278ms
200ms Script
application/json 23.45.110.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us2.list-manage.com/subscribe/form-settings?u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-110-243.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
vary: Accept-Encoding
content-type: application/json; charset=utf-8
expires: Mon, 06 Dec 2021 06:16:25 GMT
cache-control: max-age=300
content-length: 929
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 3 KB
1 KB 135ms
62ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-U.S.&sz=6x1&c=9046512958&m=text/javascript

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9577e4d5aa2515c7ba2fe8aac6fe139dad976326cd5340695ecad274fa7bf4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 747
x-xss-protection: 0
google-lineitem-id: 5828607266
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373224122
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame F7BF 8 KB
5 KB 505ms
168ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 43b85f6afc4c35f33e6cc583841f3cbbd25134696d07850961da139f8e2124b4

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 4805

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 337ms
131ms Script
text/javascript 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: efe65a393688c9192f53dafcb2ca6f7191779332185c53e57e1a4185b5b438aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 893
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 app.js Show response
vd.trinitymedia.ai/trinity-player/pulse/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/js/ Frame 6F0A 855 KB
230 KB 105ms
20ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/js/app.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 22bdaa965875e584e70087d6e7e78b333c4a16b86ba126edf158705e1bb27048

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 12:38:10 GMT
server: AmazonS3
x-amz-request-id: 2ZCFXN9GAC99BS15
etag: "370ade5ffc0297f28da3269ee25fb0a3"
x-hw: 1638771085.dop043.lo4.t,1638771085.cds219.lo4.hn,1638771085.cds035.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 234594
x-amz-id-2: pPNVWzlc4MR9Od7aDqxIlqBvRc98A5jnB0FQGZAKRRysi5y0G3bTN+Rc1oNX3G4AOZoy5c8y1aQ=

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 23 KB
6 KB 134ms
31ms XHR
text/plain 2600:9000:2156:9800:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6660d021cb61bf85a010f2d5255188935ae90360558494eb9e2412fd3728d7b4

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Dec 2021 10:04:43 GMT
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 10:04:15 GMT
server: AmazonS3
age: 72403
etag: W/"7b5c754b0cbad57ff5f92d5db77ec522"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iykWvQV-UpXMTvzl43ikUpxi7wmIX8w-7kWfCeYaU9XNKL1Q8MkyOQ==
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)

GET
H2 200 15117444711140237065
tpc.googlesyndication.com/simgad/ 80 KB
81 KB 102ms
31ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15117444711140237065?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 310459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82320
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H2 200 5632065328601309286
tpc.googlesyndication.com/simgad/ 19 KB
19 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5632065328601309286?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 310459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19660
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H2 200 13711484568623043557
tpc.googlesyndication.com/simgad/ 89 KB
89 KB 79ms
78ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13711484568623043557?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 479819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91336
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 17033718985352900333
tpc.googlesyndication.com/simgad/ 22 KB
22 KB 100ms
99ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17033718985352900333?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 479819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22656
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 17163776189481263682
tpc.googlesyndication.com/simgad/ 31 KB
31 KB 103ms
102ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17163776189481263682?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 479819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 9150966138789081389
tpc.googlesyndication.com/simgad/ 44 KB
44 KB 107ms
106ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9150966138789081389?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 479819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 127ms
44ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34537
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 170ms
41ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=106828
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Tue, 07 Dec 2021 11:51:53 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/stripes/ 7 KB
2 KB 79ms
63ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/stripes/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
etag: -623866452--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=53, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1457

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 180ms
156ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61ada98dc22dcbb4&bkl=0&bl=1&pdt=1776&sid=61ada98dc22dcbb4&pub=stripes&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.stripes.com&fp=theaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&fr=&of=0&sr=twitter&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=pegasus%20spyware%20used%20to%20hack%20US%20diplomats%2Cpegasus%20spyware%20us%20diplomats%2Cpegasus%20spyware%2Cpegasus%20spyware%20nso%20group&colc=1638771085419&jsl=131089&uvs=61ada98d9330ff35000&skipb=1&callback=addthis.cbs.jsonp__237580699342784470
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 51e4dcb3859308401c922d20f0c9b7f154b008c04c6aedb92fc2464954e8e99d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C6D5 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7584 71 KB
26 KB 35ms
34ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 06 Dec 2021 06:11:25 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 301ms
99ms Image
image/gif 52.45.61.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=stripes.com&p=%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&u=CIJ0YKdC3YX8UsRA&d=stripes.com&g=66270&g0=U.S.&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6218&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2541&t=BSvip9CsXgV6uUydXBQqAHijGrvM&V=129&i=Pegasus%20spyware%20used%20to%20hack%20US%20diplomats%20working%20abroad%20%7C%20Stars%20and%20Stripes&tz=0&sn=1&sv=5ozFUNAtY7DJqHbPC5XAMABiRXkK&sd=1&im=06530c4f&_
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.61.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-61-27.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 86AE 42 KB
15 KB 48ms
37ms Document
text/html 2600:9000:2156:600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

content-type: text/html
last-modified: Sun, 21 Nov 2021 12:17:53 GMT
x-amz-version-id: 4rqYHrMhihq8E.nYI35gRFVBXpN.exIW
server: AmazonS3
content-encoding: gzip
date: Sun, 05 Dec 2021 11:14:19 GMT
etag: W/"a602e0797ed12b929b825522f0044c3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2KRb0rP7VLHtSqsAYl4sd7Q5Mcya6rdjWl7r688KBj3ks7fEtYtwEA==
age: 68227

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ed05536c1aac8e6dd2dc0b936dfcbc186a1ef53e13996d333f72886f537a283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61843
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bed13c8737243a92036b6ce7476212ce02141339f9e8bf2d31d76e8a138dcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61867
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H3 200 pubads_impl_2021113001.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 82ms
63ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119680
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
716 B 119ms
47ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stripes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 0330 319 KB
103 KB 100ms
100ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2E) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 290051
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 06 Dec 2021 06:11:25 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D2E)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 122ms
31ms Image
image/gif 2600:9000:2156:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age: 10504611
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: TF_9tLy94_rOu0lIKN8m6MtxDXgCQvi3BBOOnvmjOP-qPiIejoFb8Q==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 195ms
146ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 147ms
147ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.stripes.com/
Bugsnag-Sent-At: 2021-12-06T06:11:25.600Z
Accept-Language: en-GB,en;q=0.9
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
via: 1.1 google
bugsnag-session-uuid: a20ef6f3-f725-483d-b712-cd761686f2de
alt-svc: clear
content-length: 21
content-type: application/json

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6F0A 0
0 164ms
33ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 rss Show response
delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/ Frame 6F0A 32 KB
8 KB 89ms
21ms Fetch
application/xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 372c79e9569ebaae5040b8550b42ab1add3ef51ae32c31faa2f9eeb899be1970

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-hw: 1638771085.dop239.lo4.t,1638771085.cds228.lo4.hn,1638771085.cds272.lo4.c
content-type: application/xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=8
accept-ranges: bytes
content-length: 7779

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6F0A 0
0 157ms
32ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
0 110ms
33ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 css2
fonts.googleapis.com/ Frame 867D 2 KB
967 B 109ms
39ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-injector-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 04:16:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 06:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H2 200 trinity-player.php Show response
trinitymedia.ai/player/ Frame 6A88 9 KB
5 KB 129ms
128ms Document
text/html 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=f9ef387f-945a-43ee-b14c-0c7ccb2c19ab&isLegacyBrowser=false&version=20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8&useCFCDN=0&themeId=267
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-injector-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 079febc978c97cb16dcaf6e730d03c57461e7ce5a7eebe483dac6d039cacc152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-type: text/html; charset=UTF-8
content-length: 4386
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame F7BF 0
316 B 111ms
111ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:24 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 86ms
46ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

4b8ada87f6e9500e167b6afbc808f611d85788ae0b1119f75c5e2a3939480b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1064 / 956 of 1000 / last-modified: 1638572771"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26977
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ Frame F7BF 852 B
689 B 70ms
19ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:43:28 GMT
age: 1577104
etag: "22e82baa3451d58ece0cc49e9ffdd561"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 598

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F7BF 374 KB
124 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Mon, 06 Dec 2021 06:11:25 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ Frame F7BF 649 B
571 B 43ms
20ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:47 GMT
age: 543211
etag: "ee6acc73696bdb482a28cbd30672b035"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 480

GET
H2 200 3_media.bin Show response
vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ Frame F7BF 774 B
644 B 43ms
20ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:57:14 GMT
age: 440324
etag: "e5c30d159939f2a879ae80ea05ccea69"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 553

GET
H2 200 2_media.bin Show response
vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ Frame F7BF 639 B
681 B 59ms
36ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:31:55 GMT
age: 1096186
etag: "b563b46c5f47c9d47cff3e2dd828623c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 443

GET
H2 200 2_media.bin Show response
vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ Frame F7BF 697 B
589 B 58ms
35ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:21 GMT
age: 1577104
etag: "3a8707752cfffc75b70b5341333df4c6"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 503

GET
H2 200 2_media.bin Show response
vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ Frame F7BF 581 B
520 B 43ms
21ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:23:05 GMT
age: 1145227
etag: "a1d399ed504b799427c2cc0fc871292a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 429

GET
H2 200 2_media.bin Show response
vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ Frame F7BF 854 B
660 B 41ms
19ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:53 GMT
age: 333425
etag: "033ed44cabc23d7efee8014ab2ad3d51"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 569

GET
H2 200 3_media.bin Show response
vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ Frame F7BF 326 B
384 B 42ms
21ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 07:50:51 GMT
age: 1577105
etag: "35c7e9de562330852a3eac3e15ca7eaa"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 293

GET
H2 200 2_media.bin Show response
vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ Frame F7BF 374 B
555 B 40ms
18ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 23:06:44 GMT
age: 2178825
etag: "d5281272e3aaba9909a1c47493594190"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 318

GET
H2 200 2_media.bin Show response
vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ Frame F7BF 429 B
452 B 41ms
20ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:35 GMT
age: 1097593
etag: "a82d6722dcc7f8107b56e192dc305a09"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 361

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 3 KB
2 KB 732ms
371ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=905&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 1267
x-ua-compatible: IE=edge
last-modified: Mon, 06 Dec 2021 05:43:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, public, s-maxage=60, max-age=0
accept-ranges: bytes
cf-ray: 6b935b575d735a19-MXP

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 195ms
53ms Script
text/javascript 2a02:26f0:fb:199::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?20211266
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:199::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: YX94G04DAFM4JNV4
content-length: 134154
x-amz-id-2: xSbXuZfOHw3+CeXT9szaZx4HMgF4ftfcBCx2WhfI3mNgd2Q7ZcS9eKTpJQHQPi1luJBFu2ki1/o=
last-modified: Wed, 01 Dec 2021 14:15:45 GMT
etag: "0f5a10a3dedcbbaf710854a2c3f5c144"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: c
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 06 Dec 2021 06:41:25 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
162 B 97ms
50ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TCBWEF5WWR&gtm=2oec10&_p=1196089208&sr=1600x1200&ul=en-us&cid=502078607.1638771086&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&dt=Pegasus%20spyware%20used%20to%20hack%20US%20diplomats%20working%20abroad%20%7C%20Stars%20and%20Stripes&sid=1638771085&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
30ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4218
date: Mon, 06 Dec 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 07:01:07 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 77ms
38ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3BD5CQRB6&gtm=2oec10&_p=1196089208&sr=1600x1200&ul=en-us&cid=502078607.1638771086&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&dt=Pegasus%20spyware%20used%20to%20hack%20US%20diplomats%20working%20abroad%20%7C%20Stars%20and%20Stripes&sid=1638771085&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 867D 47 KB
48 KB 104ms
32ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.stripes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 233112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 101 KB
31 KB 37ms
36ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:10:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 82
ETag: W/"459011526cbe745c65ba1b165285fbe9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: PHmKpuuq0aKqgpn_w66NziawfKABR2hLZ0GinTsm_87_WNTCIDWwtQ==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 278ms
176ms Preflight 2600:9000:2156:2e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6OeWSwBAezEYTGTJjBr1yyF1UoAPIINumlb32FnTkNByFF1KeUG1ew==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 86AE 107 B
862 B 180ms
179ms XHR
application/json 2600:9000:2156:2e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

77462e82e9a4e449d207373d19e12834cb6d35b1ac7859aed7724697383b06ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 107
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Mon, 06 Dec 2021 06:11:26 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: zuwVUK38gJXRfG1YlT9LF81OCZ3LmhRIsoOIJb44IOyvDvXC9pVRMw==

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
266 B 103ms
32ms Fetch
text/html 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=166574

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Mon, 06 Dec 2021 06:11:25 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 100ms
30ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Mon, 06 Dec 2021 06:11:25 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 1_th.jpg
img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ 3 KB
2 KB 26ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 412992
etag: "iWuDKDST3Ti8E/S1W2HETgnIDGmVcj5bM3ZudiZSoMU"
access-control-max-age: 86400
fastly-io-info: ifsz=77519 idim=720x406 ifmt=jpeg ofsz=2759 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2323

GET
H2 200 1_th.jpg
img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ 3 KB
3 KB 20ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 2757471
etag: "U8zM2ju17E/3BYi81usYO8WinqaoOyR0w9MMeKTtOww"
access-control-max-age: 86400
fastly-io-info: ifsz=69533 idim=720x406 ifmt=jpeg ofsz=3078 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2636

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 95ms
94ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=40196&ntv_pl=839427
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 95ms
94ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=05a25bfa-e1ae-4001-8c14-dfe4034d137e&ntv_fl=CF4se3gYGjAPzQcMJoAeWdJoB6c_a_3asVk8NKJcWF1jmz_xiWeIdTQzc6tmHJ64E92sCpyw2UM1thVhzhPvP_WFz08TWh3xeVm4GRDW2LWp77L9k5nJX7CgEQPlSXHjkdT9K4rf7-TZDc_fvdpy7drNIDU5TX_hpLGxHtPSIgwZ4cd2lh4xek9_bjAoTafXhMELEwBnAiatAqtgfC3ZjUHLtFDmeMGzAJy3U88rg0BttRvLLvABc_oUFfVsnrb5pNWmPcsSYRCv9JlBV_b-BZNxTNfs04ilr12ayLk-TC3L2ydyZBNoqL5Y2KIpoowJ&ntv_ht=jamtYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAA88MA&ord=1638771085998&ntv_dpl=1009,1011,1028,1050,1003,1007&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 96ms
95ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=05a25bfa-e1ae-4001-8c14-dfe4034d137e&ntv_fl=CF4se3gYGjAPzQcMJoAeWdJoB6c_a_3asVk8NKJcWF1jmz_xiWeIdTQzc6tmHJ64E92sCpyw2UM1thVhzhPvP_WFz08TWh3xeVm4GRDW2LWp77L9k5nJX7CgEQPlSXHjkdT9K4rf7-TZDc_fvdpy7drNIDU5TX_hpLGxHtPSIgwZ4cd2lh4xek9_bjAoTafXhMELEwBnAiatAqtgfC3ZjUHLtFDmeMGzAJy3U88rg0BttRvLLvABc_oUFfVsnrb5pNWmPcsSYRCv9JlBV_b-BZNxTNfs04ilr12ayLk-TC3L2ydyZBNoqL5Y2KIpoowJ&ntv_ht=jamtYQA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAA88MA&ntv_jlt=2312&ntv_jad=759&ntv_jte=11&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 95ms
95ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=839427&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:25 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cev-plv-o0tl0j.png
o.addthis.com/at/ Frame 7584 67 B
478 B 461ms
156ms Image
image/png 158.101.26.148
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.addthis.com/at/cev-plv-o0tl0j.png?&ev=AT-stripes/-/-/61ada98dc22dcbb4/1/X61ada98db56f1a82&ce=gen%3D1%3B0%2Crxi%3Dc9ad7176a73e99da%3B0%2Crsc%3Dtwitter%3B0%2Cplv%3D1%3B0%2Cpti%3DPegasus%2520spyware%2520used%2520to%2520hack%2520US%2520diplomats%2520working%2520abroad%3B0%2Clng%3Den%3B0&PRE=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&pro=0&rev=v8.28.8-wp
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.26.148 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: eaa4a94ea300e0d2c775968cbe42f0b5b51ceafdeb73d64e9efddf6d4e880865

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s7.addthis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 06:11:26 GMT
P3P: CP="NON ADM OUR DEV IND COM STA"
Cache-Control: no-cache, no-store, private, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 67
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame F7BF 0
316 B 111ms
111ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame F7BF 703 B
760 B 445ms
138ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 61dc6f510a3954f5fdff720a83b9dd166a7b61a2280aadc61605cc68e3466838

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 463

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame F7BF 0
316 B 111ms
111ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 33 KB
33 KB 21ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=774:435,smart&width=774&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 1557844
etag: "7V0hB8fmaHKF2+v21vNKG6QPJBPFRgxSYXIIbaK+jeA"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=34063 odim=720x405 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 33628

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 29 KB
29 KB 21ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=950:435,smart&width=950&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 1557844
etag: "K1l6YyAiMwWAAH4nYudGQ7pek84iEmPDkkmjileCeL4"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=29478 odim=720x330 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29050

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 4 KB
3 KB 20ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 1557844
etag: "B/WegXjEdqWIQo2IdAnSNjI+erwOE7TpxCs/Cx6Mqmw"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=3835 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3401

GET
H2 200 1_th.jpg
img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ 4 KB
3 KB 19ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 2229908
etag: "WPUP4EGguU9ULPU+jncZ/NhYATIGQD9bfJyklI2QdWU"
access-control-max-age: 86400
fastly-io-info: ifsz=69377 idim=720x406 ifmt=jpeg ofsz=3597 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3189

GET
H2 200 1_th.jpg
img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ 2 KB
2 KB 20ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 2233188
etag: "T/U5qZCTPAmLGnzHRQjxq0S6krQMXt7gl2uA+6MmqYU"
access-control-max-age: 86400
fastly-io-info: ifsz=42851 idim=720x406 ifmt=jpeg ofsz=2355 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1897

GET
H2 200 1_th.jpg
img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ 3 KB
3 KB 19ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 3975487
etag: "ZeFSGsQlxTwoz0qBo8hiuzfTmloxdBwXG9aotIrjmZk"
access-control-max-age: 86400
fastly-io-info: ifsz=123615 idim=720x406 ifmt=jpeg ofsz=3248 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2821

GET
H2 200 1_th.jpg
img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ 2 KB
2 KB 19ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 1123159
etag: "5EqEXwsEqxZbPq01WeQqLKu/GVS553lI+wLABKy/8Lc"
access-control-max-age: 86400
fastly-io-info: ifsz=32943 idim=720x406 ifmt=jpeg ofsz=2334 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1884

GET
H2 200 1_th.jpg
img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ 3 KB
3 KB 19ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 2162165
etag: "cUAI6dPxSuFlj/a1TDRioxjRmcA2gr4gcD6MzGfaGAk"
access-control-max-age: 86400
fastly-io-info: ifsz=46591 idim=720x406 ifmt=jpeg ofsz=2973 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2504

GET
H2 200 1_th.jpg
img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ 4 KB
4 KB 20ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 1104121
etag: "uZ5oa44givO2FgmyLNehnG8ULjRsgh8MnkA+1C5XAkE"
access-control-max-age: 86400
fastly-io-info: ifsz=140594 idim=720x406 ifmt=jpeg ofsz=4159 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3724

GET
H2 200 1_th.jpg
img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ 4 KB
4 KB 19ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: br
age: 3369010
etag: "JPOcaNbaTb0PgX2DmWgZSp5pbbFFBq4ospLM2EZx8KE"
access-control-max-age: 86400
fastly-io-info: ifsz=93995 idim=720x406 ifmt=jpeg ofsz=4277 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3874

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
35ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 06 Dec 2021 06:11:25 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 forbes-484fef5e39bd1f12260ad07d5cc3499d.js Show response
vd.trinitymedia.ai/trinity-player/buttons/ Frame 6A88 3 KB
1 KB 22ms
21ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/buttons/forbes-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=f9ef387f-945a-43ee-b14c-0c7ccb2c19ab&isLegacyBrowser=false&version=20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 16:20:22 GMT
server: AmazonS3
x-amz-request-id: 9ZXY40NQ6N752CFE
etag: "36fd63d78ee11a3ae1d71d8cacae4b0a"
x-hw: 1638771085.dop043.lo4.t,1638771085.cds219.lo4.hn,1638771085.cds041.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=74239
accept-ranges: bytes
content-length: 840
x-amz-id-2: uZE+82usLNtT2fORtCsaJ901choHDTHDG3wymvJOz0brJccdzSrCYAjFxgl/4oCxoPfx3ilDqXk=

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/ Frame 6A88 1 MB
180 KB 67ms
22ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=f9ef387f-945a-43ee-b14c-0c7ccb2c19ab&isLegacyBrowser=false&version=20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 57af4c52e4685a12a11e78468baf0476c726a1a1dfe797b1745c781d0df819b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 12:38:09 GMT
server: AmazonS3
x-amz-request-id: VGCA3E2MC4T9ZQXT
etag: "47947e4a1f72c526c555c6b153dd7a22"
x-hw: 1638771085.dop239.lo4.t,1638771085.cds203.lo4.hn,1638771085.cds084.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 184355
x-amz-id-2: dtfQvbQa31N4ibCkKtwCyhTBHSH+nVyhSC2WrFhIT5hvZA3ZtXPV4rtTKi5zRGWGomJ5VyXicjs=

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/a038e2d553415764a753e378912e5fc19457329baebe8f10a8b3c63962d2fa45/ Frame 6F0A 78 KB
78 KB 98ms
81ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/a038e2d553415764a753e378912e5fc19457329baebe8f10a8b3c63962d2fa45/rss_banner.jpg?ts=1638636593000
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 30d35f01e21d2c9598b7849a173ae6b8cab8e867d77f325d7b615b85e23cac70

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:25 GMT
last-modified: Sat, 04 Dec 2021 16:49:49 GMT
server: AmazonS3
x-amz-request-id: M70XE3Y7ZQ10FS9P
etag: "c291afba0a6077d98e43fc30a9ebd439"
x-hw: 1638771085.dop239.lo4.t,1638771085.cds203.lo4.hn,1638771085.cds059.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=15647
accept-ranges: bytes
content-length: 79601
x-amz-id-2: lT2tDlCrcFLpTEO+7qfNNywF1WyViBFF21emrxPeQfqCHXnf+6Y40F1hwK/SDY6Ztl3Nmw7k8xI=

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 164ms
50ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.stripes.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1405
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=QwHTj3xjNGh0dW1mQ1dsTFFxSm1OQ29SZkI3eEthblpIVUROdXpBQU5YOTdJT3UxZmZaNkU0STdkNHQ0dGE1Vmh2RXR6OVlUbGFENEFsRDJqa3l2bFJPeVpnSVlpQjhuUXdVUzlFSENTYU1wTG1qd3pBclM2WGxPc1BPV2...

363 B
615 B

79ms
27ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QwHTj3xjNGh0dW1mQ1dsTFFxSm1OQ29SZkI3eEthblpIVUROdXpBQU5YOTdJT3UxZmZaNkU0STdkNHQ0dGE1Vmh2RXR6OVlUbGFENEFsRDJqa3l2bFJPeVpnSVlpQjhuUXdVUzlFSENTYU1wTG1qd3pBclM2WGxPc1BPV2tkYS9oeTVJaVVpdkZnV01SQzB6ME1BUTZQTlZwWUEvZVdIR01RVVduby82cGtNRW9GbFBqcUJGT0RyTkUvcXcvOStGMjlla2VXWVRuUXhpeFphZ1ZLaXp1VitHQlpwOHhzZ1RMQ0hXK1BQb3FIekhzdnE0PXw&cppv=2

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2e48c336a6bf817d20cfdda8b4423a41456d5cb59cae469948a1c3a16853de68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 06 Dec 2021 06:11:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2092
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 06 Dec 2021 06:11:25 GMT
location: https://mug.criteo.com/sid?cpp=QwHTj3xjNGh0dW1mQ1dsTFFxSm1OQ29SZkI3eEthblpIVUROdXpBQU5YOTdJT3UxZmZaNkU0STdkNHQ0dGE1Vmh2RXR6OVlUbGFENEFsRDJqa3l2bFJPeVpnSVlpQjhuUXdVUzlFSENTYU1wTG1qd3pBclM2WGxPc1BPV2tkYS9oeTVJaVVpdkZnV01SQzB6ME1BUTZQTlZwWUEvZVdIR01RVVduby82cGtNRW9GbFBqcUJGT0RyTkUvcXcvOStGMjlla2VXWVRuUXhpeFphZ1ZLaXp1VitHQlpwOHhzZ1RMQ0hXK1BQb3FIekhzdnE0PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1937
content-length: 482
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 110ms
38ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 111ms
39ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 255 KB
35 KB 114ms
114ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=350202993357161&correlator=722381057523480&output=ldjh&impl=fifs&eid=31061815%2C44752540&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211206&iu_parts=267968996%2CStripes_BigBoard1%2CStripes_BigBoard2%2CStripes_BigBoard3%2CStripes_BigBoard4%2CStripes_Leaderboard1%2CStripes_Leaderboard2%2CStripes_Article1%2CStripes_Mobileleaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C950x153%2C728x90%7C950x153%2C300x250%2C320x50&prev_scp=sitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.%7Csitepage%3Dstripes-U.S.&cookie_enabled=1&bc=31&abxe=1&lmt=1638596929&dt=1638771086188&dlt=1638771084598&idt=1557&frm=20&biw=1600&bih=1200&oid=2&adxs=1145%2C-9%2C1145%2C1145%2C436%2C-9%2C460%2C-9&adys=551%2C-9%2C1672%2C1734%2C0%2C-9%2C2287%2C-9&adks=375948347%2C776567965%2C91974798%2C2250346662%2C1986035644%2C3310605779%2C2234984028%2C3821501628&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C0x-1%7C300x0%7C300x0%7C1600x90%7C0x-1%7C909x0%7C0x-1&msz=300x0%7C0x-1%7C300x0%7C300x0%7C728x90%7C0x-1%7C300x0%7C0x-1&ga_vid=502078607.1638771086&ga_sid=1638771086&ga_hid=1196089208&ga_fc=true&fws=4%2C2%2C4%2C4%2C4%2C2%2C4%2C2&ohw=1600%2C0%2C1600%2C1600%2C1600%2C0%2C950%2C0&btvi=0%7C-1%7C1%7C2%7C0%7C-1%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

23cbee5eb8e6c0d5df3f97a74eb8a755b55dd68ded0e53918e443cbefc92b09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35515
x-xss-protection: 0
google-lineitem-id: 5587288485,5587421721,5835259361,5826764298,5796972437,4373423010,5796972437,5437597430
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336770121,138337173436,138371269602,138370168109,138364920383,138224497700,138364920377,138318881194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7ADC 6 KB
4 KB 126ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Dec 2021 06:11:26 GMT
expires: Tue, 06 Dec 2022 06:11:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C366 595 KB
193 KB 68ms
30ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Sat, 04 Dec 2021 12:42:07 GMT
expires: Sun, 04 Dec 2022 12:42:07 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F7BF 44 KB
17 KB 114ms
42ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A68C 595 KB
193 KB 43ms
32ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Sat, 04 Dec 2021 12:42:07 GMT
expires: Sun, 04 Dec 2022 12:42:07 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CF1C 595 KB
193 KB 49ms
49ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Sat, 04 Dec 2021 12:42:07 GMT
expires: Sun, 04 Dec 2022 12:42:07 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 149359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 38ms
37ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1196089208&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&ul=en-us&de=UTF-8&dt=Pegasus%20spyware%20used%20to%20hack%20US%20diplomats%20working%20abroad%20%7C%20Stars%20and%20Stripes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1872820340&gjid=806117988&cid=502078607.1638771086&tid=UA-714126-1&_gid=1855488334.1638771086&_r=1&gtm=2ouc10&z=273204469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1293 0
0 54ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz6A-lS_t7XACLeEgZl4S3j5D6Qy-Nlo-t_ChE3XiZRZX9Z4uRoRMeBOpOKWA1ruIkGBzmKo_X1xeql26HJ2qcBQ9xPVNV5NyoP3Hej_tYCfclKL8y0RZO3fuDlgjhaAshGywA0jvRFCm00nUy7wB8VtF4oeww9hUXr8dhXAupG9qVzRd9hzQhfR4Y2CDWKWSW793z8zx1DEsep87InhyiWQoDDV-qUooBbe4xvkjHfN6ASboyGXIobOiM4-fLzaqRI0Q9aBNm3x4Wjnowxp0gl-95FPfgGv5RHkyEdhdDTB43x0zqkU-XbS1MAxvKlDqj2w&sig=Cg0ArKJSzBs_zAB6WIc1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 1293 19 KB
8 KB 72ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:39:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 1293 2 KB
1 KB 71ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:22:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1293 119 KB
36 KB 87ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1293 0
0 109ms
37ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOyxY_bNzMLSGi9emymdYuft3gwimZiwRcT3B5AzOPF8QPjY-vsvSd2mqHqC8kQsyySpOY6WwAN9hqD5Dsw-hpUVMCOQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 12354279551780395187
tpc.googlesyndication.com/simgad/ Frame 1293 158 KB
158 KB 75ms
37ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12354279551780395187

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c76e7eb528d38273c0486eec3b76a32a2d8e5c268cd0b49c3f88fea7febadba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 06:06:21 GMT
x-content-type-options: nosniff
age: 432305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162040
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 18:53:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 06:06:21 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 28 KB
11 KB 204ms
204ms Fetch
text/html 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=166574&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&icr_url=&va=0&time=1638771086401&up=pc&bn=chrome&bv=96&widget_width=950&style_id=0

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

b50eae43849339bf88a263ee04be7bcab8bbe170d2b81edc69bf44473cda0f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 11378

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 091B 9 KB
3 KB 34ms
33ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:10:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 39
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 9oq56ZYBFodQkTqkIzH3nS4taKXlwuLmLaZ0H0_Mj3DtLhcIC1zI8w==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 091B 1005 B
929 B 67ms
32ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: JW828o4H0htoqnsO7efGAagQCeQ5Cis2ZeNMpKme3skizJP3tI-kdw==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame A770 9 KB
3 KB 89ms
33ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:10:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 39
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 1rDbmeSP6QAaPN-O7iDe3Nq2BwamyyCDuRf7tK9H7oH-1xYmsRJTiQ==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame A770 1 KB
964 B 92ms
32ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:10:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 96
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ROBLjETqb8FA_rattDwX_NXi2TZUXU5NVB3xf0qu0URXpk0RYxdzEQ==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 3 KB
1 KB 92ms
32ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:10:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 63
ETag: W/"4cb20646e6160144096c6e61f322a18b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ZVjR31Q-DllnCmirJUSBnf4rVZVsnsOIxhYbEpCN4EMN8Gf9V9MF6Q==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0330 232 B
448 B 177ms
130ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=235e3d3dabc33f47af0d53ca723200b972622b8f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 06:11:26 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8d688cf729ffbf26695349031e943fbe802ce0e308348057d923779f18308fa9
content-length: 166

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D799 37 KB
13 KB 32ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:45:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E036 37 KB
13 KB 32ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:45:53 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F745 37 KB
13 KB 31ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:45:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 79ms
26ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-714126-1&cid=502078607.1638771086&jid=1872820340&gjid=806117988&_gid=1855488334.1638771086&_u=YADAAUAAAAAAAC~&z=564857852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 06:11:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 94ms
27ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1415
date: Mon, 06 Dec 2021 06:11:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F47F 0
0 55ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1qn3tE6pyLtq4-F66ov3aYNj6ZCuoCyPgc-iZKq6EYtM0yFDeoo7GYwyfkyEZ8WrFqWRkj-Nir3ugaF15gOVhIBc9iMIhbcOYtD3u2Ywhp4DhAHxhtYWAKwvG3VBNdY4lGqfIitc7tGSCvfWEMbThi_Q3sjbG2m0gIjSKh2RY8ns2lrSMZkc-ZQQ7y4I0gUs-EjrcEx_w8DqfrE8wv8nzaMaWTJi_lG6GDv9VT8MXZlTE7ZTswNtv_vjjWO2CbwroUf16zWqgF4D4RCM5fQVHtq-QgR9Cmnfxg4KPKcHuyR5OGMFQLjUCskdvxV4nIDLM&sig=Cg0ArKJSzNEGgqwgCpxFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame F47F 19 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:39:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F47F 2 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:22:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F47F 119 KB
36 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F47F 0
0 79ms
38ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMDdr9tYBH647SOrbq5XBbe1SWCXeIyis3BcYdM09VSi4XJaaIfGXDaHvU-9DhaxqorX1w4VRl-dSV5W9ok-WWMGtigg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 18022631012611960814
tpc.googlesyndication.com/simgad/ Frame F47F 171 KB
171 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18022631012611960814

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9faf12545ac33b8f9993f35aed9dd365dcf005e984c69a248f492602e9f62a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:09:28 GMT
x-content-type-options: nosniff
age: 435718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175090
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 20:46:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 05:09:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18FC 0
0 54ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkq4OV4PEo3ykeR3bi6a0Q9YpFU49Jwhyh7u8MmwtMNxfj7lohf3hZtKgXKpYvNTM-O-pQIBKoAclY82Ho_Dk1-sNcxFgle58AmOCLU2fW0J_9WHapdTeFiLJQesncNJeyVBmKoZjkCGNM_F0sAUBlf9NY0-xVz8hZ3_F5hfow9FbRwWi-5B6fc-YIvu-HQ3JCw8xpPVqrYLFcdV5DX73drnbQABNezyM3qoaHtqJvR3FtkavrrTUbxH_DP5KOGzYAvLT4IlieBcv8Bo32h8KKDncxbbVGE132eW7WLrbbwgTfUSS3v-zqLvHMEMVgFv6diQ&sig=Cg0ArKJSzONIW7vtXI1IEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 18FC 19 KB
8 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:39:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 18FC 2 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 05:22:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18FC 119 KB
36 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 18FC 0
0 72ms
38ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa3xa8jYFuXTuStcW2IMFz4PhMsiobVqmSTEdWHvv_kBjl8kqjIg_I87USOk6se5z760hsNNNMjGIblMg5lKp3jI8rXA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 3013373380802672623
tpc.googlesyndication.com/simgad/ Frame 18FC 34 KB
34 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3013373380802672623

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52da00e00181b5732e82addceccf2fbc327a44aa5b38181e41d3613adaa055ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:01:16 GMT
x-content-type-options: nosniff
age: 263410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34667
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 14:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Dec 2022 05:01:16 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 174ms
71ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=7f3163c0-7077-4736-95f2-9bbaefa50871&pageId=0&pid=48484&debug_metadata=1tHQRDK7H3&fv=923&ts=1638771086638&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 182ms
79ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=7f3163c0-7077-4736-95f2-9bbaefa50871&pageId=0&pid=48484&slot=native&fv=923&ts=1638771086650&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/0/ 534 B
569 B 167ms
79ms XHR
application/json 2.21.142.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/0/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&page=%7B%22id%22%3A0%2C%22placements%22%3A%5B%7B%22id%22%3A48484%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A950%2C%22height%22%3A534%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=7f3163c0-7077-4736-95f2-9bbaefa50871&formatVersion=923&env=js-web&netBw=9&ttfb=1371
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?20211266
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4d0de74e81698b47a6775351787fbf12792561b48170d526f13b4100d93473ea

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 362
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 200 container.html Show response
e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9592 6 KB
3 KB 69ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Dec 2021 06:11:26 GMT
expires: Tue, 06 Dec 2022 06:11:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C79B 6 KB
3 KB 65ms
32ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Dec 2021 06:11:26 GMT
expires: Tue, 06 Dec 2022 06:11:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
693 B 191ms
128ms Script
application/javascript 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&jsonp=_ate.cbs.rcb_jaim0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0f6a1735714948f43128944caf8fddc41f64f1ab93c7554d9a934e8b36544c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 1
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Mon, 06 Dec 2021 06:11:26 GMT
x-ratelimit-remaining: 299
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 514
accept-ranges: bytes
expires: -1

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
325 B 290ms
275ms XHR
application/json 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html#.ya1xdqc-mdo.twitter
last-modified: Mon, 06 Dec 2021 06:00:00 GMT
server: nginx/1.15.8
date: Mon, 06 Dec 2021 06:11:26 GMT
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 169 B
388 B 174ms
109ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&callback=window._ate.cbs.rcb_db0b0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3378148320dbcf88a247e947cee3fbd6ca80cc23b6c0df0a2f911428e8b80287

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 4
accept-ranges: none
x-pinterest-rid: 3740051476134540
expires: Mon, 06 Dec 2021 06:26:26 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
352 B 187ms
185ms Script
application/json 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&callback=_ate.cbs.rcb_a5dv0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6f38da290ae619a775fe2178fe3e0f9fd4198feacdacdc8f29be7a6ea3f02c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html#.ya1xdqc-mdo.twitter
last-modified: Mon, 06 Dec 2021 06:11:26 GMT
server: nginx/1.15.8
date: Mon, 06 Dec 2021 06:11:26 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
261 B 139ms
137ms Script
application/javascript 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&jsonp=_ate.cbs.rcb_76f50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

1ec3e285adf8b84cf4a4dae295c4b462cf599bfaee29f946e4c3c8e173e9235c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 2
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Mon, 06 Dec 2021 06:11:26 GMT
x-ratelimit-remaining: 298
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 514
accept-ranges: bytes
expires: -1

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 167 B
223 B 102ms
101ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&callback=window._ate.cbs.rcb_pms0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

09ee99cd71f0cb978b27ebb029dbb74ed3176b9b721e50b75669852a8ab8e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 3
accept-ranges: none
x-pinterest-rid: 8100808527603966
expires: Mon, 06 Dec 2021 06:26:26 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
352 B 188ms
187ms Script
application/json 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&callback=_ate.cbs.rcb_clco0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c28a3278bc8de677e62d0e1a95ef15ab72e8de88e683cd76ff27fc82f26b4a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html#.ya1xdqc-mdo.twitter
last-modified: Mon, 06 Dec 2021 06:11:26 GMT
server: nginx/1.15.8
date: Mon, 06 Dec 2021 06:11:26 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 349 B
753 B 319ms
319ms XHR
application/json 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: /
Resource Hash: c72466ecdd5f2dcb3b76e7350d19ff0b2e5c0b11586591538b9e90c059cb92e2

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.stripes.com/
X-Pelcro-Sdk-Version: 2.5.6
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 3ba4c3c7-fd4f-404f-bc20-728ef644e0d4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61ada98e-1118090b581f481545fb678d;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: J6duXEPBIAMFfzA=
content-length: 349
x-amz-cf-id: ts5TkvC-4Q-7Pjx0btpX_Xl2hCQNKtaQeIAzLftGXjf_i0ejv8IPrA==

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 219ms
126ms Preflight
application/json 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 06 Dec 2021 06:11:26 GMT
x-amzn-requestid: b69b2116-ad3f-4518-95be-4f342931bb4c
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: J6duUGIloAMF8EA=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: F1HV0FKsy-yZcB1DiRD2cetTtCzREYSnzgKHJY62DODpE9CNo7o7CA==

GET
H3 200 css2
fonts.googleapis.com/ Frame 6A88 2 KB
465 B 79ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 06:11:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 06:11:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 06:11:26 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6A88 0
0 33ms
32ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6A88 0
0 32ms
32ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-714126-1&cid=502078607.1638771086&jid=1872820340&_u=YADAAUAAAAAAAC~&z=940682024

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 125ms
41ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-714126-1&cid=502078607.1638771086&jid=1872820340&_u=YADAAUAAAAAAAC~&z=940682024

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1293 0
0 93ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAFUjKkHBWY52WimzVmaN8ECqBdewgXlFFVk-PHpSgEoiIE44fxm7ba_vkxBaCZYzVakHDDPN_Njtc_OC_u_x-tGEq3iFPoapoUb9NMBkuvR3vA88GupiEl-jLGqPy8pot7yx0LrSkUVwl1UALzBpipcDJ9GpzSbbAFT_dAO1fKPiVvCE904-UUuoNVm3uF-l-skQq4D9cjn581Iv8dMxDMNIkU2JQXT186S_KHForb6FyhB00LupcyrEswxraDn2u0ZVFW4glSYR0okNPAcc7KsfbdZ5IlI7NvGGK1FDkBKb1ylA2-ki13VJeMTM1M6soIKc6&sig=Cg0ArKJSzElGQkIHldMDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
DATA 200
OK truncated
/ Frame 1293 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a42d598fd677bfe3f3116c10569ff348b4787f27da4e12caff4d3fe008c4fbaa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 38ms
38ms Script
application/javascript 2600:9000:2156:600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: GT7I8D0R3oQufoOiLgwsbuUzlEWb3JHV
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:49 GMT
server: AmazonS3
age: 22363
etag: W/"2f50e5f43fca3ba6efc6a53a514d50c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Sun, 05 Dec 2021 23:58:44 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: v2r6uxSji96l4nHXWr6yVigdGKSpnee-_rk2s5VOBX9yEU4GZeJVWg==

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 97ms
34ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Mon, 06 Dec 2021 06:11:26 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 25ms
25ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AETFCZBYK6SGNVKK
etag: "c752e29512ede679e40d7b08481f87f5"
x-hw: 1638771086.cds030.lo4.hn,1638771086.cds004.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11866
x-amz-id-2: TP0W3v5hrrCcITcCbOY+EDWKEn/zHa01mDlgvaBaqEB0m73XPG8L1V8uFLXTmXMNtRttbvYGLT0=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 16 KB
6 KB 25ms
24ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:45 GMT
server: AmazonS3
x-amz-request-id: AET1FFHJS07GN722
etag: "b1e06faa922f856668877f1429abca7a"
x-hw: 1638771086.cds030.lo4.hn,1638771086.cds280.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6205
x-amz-id-2: ohNeOb7asgZ12e4lkgE47rvbp9d5Jpd/92hY//VA6v9ey2BtcoL0d7bxMiF/r7GKiSVGk19Nhd8=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 23ms
23ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AETEFQX5YR4B8TZA
etag: "77359485ce587b0f07cbe070fcc63578"
x-hw: 1638771086.cds030.lo4.hn,1638771086.cds039.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1641
x-amz-id-2: uOYXlptDUw4Z1PiheJfnewjWQnYOTOUyUpywWKHTzUhXuSrLixh3zdSF+2oOenMkphiItE+d1Bw=

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 6A88 47 KB
47 KB 73ms
35ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trinitymedia.ai
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 233113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 6A88 47 KB
47 KB 67ms
31ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trinitymedia.ai
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 233113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F47F 0
0 54ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbJvHhXaE3UDDV3Dorh99retxV6xZnU2ODJDBuEGi61haT4vRGP_83C74VJ-s4KRsQ8sR5SCwarJv8YKpKpKiCnKBeT8STXrM8V1txXLujWt9zm3lDcq_IfzoYgUIk_fCGwuMffHuQH0aij18BjmE40fBi2DPCOi9Xhip8ashV9d02cOMZfN2-lxA7QbWTfqyCf5P93OPoojv1AQJG7rg50IHUrlXDWDZL6fmoTTKjMTeWM_0wrG68bF9xv4kP1p8nHwlNd8t7s-g7p5nsejmt0KY0p0qjUDilGCCfPG0kofd_L6lTkeUv3UJtBWTnbtY1g5E&sig=Cg0ArKJSzIZgKsAk6ihBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
DATA 200
OK truncated
/ Frame F47F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 585ffcb241bbfefd7a9577c7f2183e8304e719ffa1b0efbf3bda766cc28b6c60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18FC 0
0 53ms
52ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIM4GzAMsHFMwp_XoqOYZZKWPK0AiMtFGg1NX_JkSHekYzK0ase_BV1MVwjdceheISTH-Re9vQa3k56cQtws58cbAgI-GoBwogon7p5LuajBIuR120wldJUUePxBjzXz_Kt9c7xJSC3iWnaJL2OV8sIPfcY_jB_fX0TKTTEiH1lrt5FHucAHRWKS-ktFlURFDjJx2lf4ol8s00JZ-X3TQ77SZX9Ll9nhJirlmQUPLqtLOW_3LnyIWlr9mb27LpwkPyCvWYgZVfgSDrQKBViaFlXoRAOLlLt94bBdhNBkqSEYTRnNaGDiQPMTJXTzFLqrs7PsD5&sig=Cg0ArKJSzHu8ORWAGPIIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
DATA 200
OK truncated
/ Frame 18FC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28355ad0e17eef2c99ced04ca49ad44f3aeb50a16324e6827060b3dd1242ba95

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6A88 0
0 33ms
33ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211202_676b4623a6e6f73ee802239c3c4c24236668d2d8/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9592 22 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9592 9 KB
4 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 07:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9592 119 KB
36 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C79B 22 KB
7 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C79B 9 KB
4 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 06 Dec 2021 07:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C79B 119 KB
36 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 86ms
21ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
last-modified: Wed, 01 Dec 2021 16:11:10 GMT
etag: "1638375070"
x-hw: 1638771087.cds001.lo4.hn,1638771087.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=10826
accept-ranges: bytes
content-length: 4298

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ Frame 0
0 181ms
181ms Preflight 2600:9000:2156:2e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&eu=&country=GB&hour=6&amp=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rr2jUU4Ki1176CQfSIqErnDO4I4aoUXNlI6V40chuzIGYC31W2E3_w==

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ 1 KB
2 KB 178ms
177ms XHR
text/plain 2600:9000:2156:2e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:2e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.stripes.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: zk5_QjV5v2uIryppNSO-75tInKENP37iPMbqtUJ-oTkWj-R5YrjUWQ==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 593ms
189ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9592 0
0 54ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuP5UnvKrL9GTEzP4clUAgHz0siTKTIU8e2iJZkD5XehpJZ1cDrMXfrs-hevLlg6nq1KVobes4Z6JeqHZaqynmB0z8RpH43lVGC0IbVU0fbxbEG0g0yhpr-IObSKzv_zNxOpPRtss544It8tN7WjUDKpZP2AfTUCVG6K1AXAWqRmaAkUllbojgrM7mTy8t-QX1Du8XjZGrnmE0tl7GfOJgGiYB4HxSUH4j0K3R5-4jWg25SaDImCwfZDdJU6X3OdwxMoA9DlBb8Q3J8WQrxY3yTA5V_XRz8dENrO4dE-qZizem7wEd6Rz0yZWtvj3ZRcncAUWa&sig=Cg0ArKJSzNfwPwMO1x_JEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 9592 41 KB
17 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C79B 0
0 55ms
55ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT78G3mlpfwhzGoVbrDw2DBJlIJy2zKEzoJWnC-apyIEuQGKGpoEDgOEmK0Gf0MJ9ElxzJAqa6wa0nPjSM1B_-s5Y4qNYqHu50u59_TZ5C_1GaHIAsCTBeWjzRRS9_XWSJuc-21Ezl0YmFPpyN7oojuyphBLhBMgJYole5FB1xGXh5BITExM4n-2axU83Of-XrmrlmmIHJN3q05wkazSA1GBjq6Vx2RB_N0ZPg9I2mF-5pVPgrbcoPHhVWjljdUpVxGFaZhbxJKJLsxhbKLK0qEGsa_EVLctO2SGg9wBlRY5DOFCjTP3e_lE__BUQ2HR8&sig=Cg0ArKJSzHFwJ_7EOkP_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame C79B 41 KB
17 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/membership/v1/ 627 KB
132 KB 34ms
34ms Script
text/javascript 2600:9000:2156:8c00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/membership/v1/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8c00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:51:06 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:35:41 GMT
server: AmazonS3
age: 1222
etag: "d62f0d2ae878bebdf3811f4b656f6426"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 134472
x-amz-cf-id: 6dY3DBXMBhzhqu0joA0LtEe0HbKNwo5JqXYkm6vRntXcr0GNHfHrEw==

GET
H2 200 d64409a88bf2515b34e23bcb3b8d1297.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 91ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/d64409a88bf2515b34e23bcb3b8d1297.png

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3202a391ae90475f701a4be7dcc1ee847b2f063182e787235eabcdf4f7fe12e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:42:03 GMT
server: Cloudinary
etag: "876d0389e9a723dcbf91d7d044d1be66"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds061.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=120;cpu=1;start=2021-11-11T17:51:53.693Z;desc=miss,rtt;dur=0,cloudinary;dur=39;start=2021-11-11T17:51:53.730Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 11332

GET
H2 200 f6114e616082a86e34e2d807072fbb8e.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
13 KB 87ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/f6114e616082a86e34e2d807072fbb8e.jpeg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7434bafc7e74edc25e9c841e69240ec425cfeff1681de4d7cecc9f1d99c3747c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:12 GMT
server: Cloudinary
etag: "2720816b4617a0e459e39fe4ea50013a"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds224.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-12-04T03:54:20.156Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 13387

GET
H2 200 618f057e177dd2-72243311.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
11 KB 105ms
54ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/618f057e177dd2-72243311.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

368e4f21464d4b2d66588527d35913317a9d88e542474eced7273b70ff27a54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 21:03:30 GMT
server: Cloudinary
etag: "6af99ab69059db7c3817d3461d72b5ae"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds288.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-16T11:43:48.034Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10633

GET
H2 200 b118660d091fc36027f1a3de4d87c3c9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
13 KB 108ms
59ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/b118660d091fc36027f1a3de4d87c3c9.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d57548726a25fa0f0f76ed4ab597fce90ac91d6c6968bffd2f1b703efa3a161a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=586;cpu=0;start=2021-11-11T17:39:13.149Z;desc=miss,rtt;dur=1,cloudinary;dur=506;start=2021-11-11T17:39:13.188Z,cld-id;desc=ffd5f55b681d2cfc742a6097814c3f25
content-length: 13127
x-request-id: ffd5f55b681d2cfc742a6097814c3f25
last-modified: Mon, 12 Oct 2020 18:14:05 GMT
server: Cloudinary
etag: "6a98df594f9119d7d93f8e10ea601a8f"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds085.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 f20f812b9f872161596c3eccdc7435cf.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 106ms
59ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/f20f812b9f872161596c3eccdc7435cf.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5b03169fe8813321962663c79c8038763f0e7e73e3f1ddabc3334ac58877c0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=3;cpu=1;start=2021-11-11T20:22:21.562Z;desc=hit,rtt;dur=0
content-length: 10832
x-request-id: 531c39e42c3ae792022a1e4c2b81a1c8
last-modified: Mon, 20 Sep 2021 17:41:44 GMT
server: Cloudinary
etag: "aa8a0f8b034e5c0e952b4821a5672266"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds270.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f3d5464370b83-43813815.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 115ms
70ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5f3d5464370b83-43813815.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d4371cd54f95df78413d69b3669f541f0303fd08f5d3cd91b900cac912b77be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 16:33:33 GMT
server: Cloudinary
etag: "e8ae8d0f3f148ec73cd737c52a49bf96"
strict-transport-security: max-age=604800
x-hw: 1638771087.cds012.lo4.hn,1638771087.cds032.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-22T16:36:43.351Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 7787

GET
H2 200 B10124636.264547993;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2189986252;ord=czfn16;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzA568FEWWHZTl-y96QBIR8fZrn... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame 9592 41 KB
20 KB 160ms
87ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264547993;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2189986252;ord=czfn16;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzA568FEWWHZTl-y96QBIR8fZrns0B8WNd1obBs9qvP0WuCElQ5VpOCrPDvZ1tAQoXVXFX6qcnMnGJpHRtdU7Z2xhqkds_o0cc4AvEznKLCludvHuQF2prePPWSOOH4RW25gJ26_5lahBdG0zSJjjY-9TfpMxdw2IWJNm4_B-fguaqV0h95n9bmBCf4LC1KOeC8NPKJVPGYUL5SJkWv8BS_RlJ5m0C7lpsu7sqgyov7wUdxWNwqC6w2yl127ErfQqMafncEdhypne9wYjSoxLsP7RMjXmuQ_6qc_ZpNzKlufC6m7b6pt4ZmXAz6MVGJo2R%26sig%3DCg0ArKJSzDHYxpkdRlxaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=oSnv3Jj7y(;sttr=64;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

420c56b4f7cab54c237b047f3361c1ce47cab4bb845afe749075fbc256fbff66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20756
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1307176738;ord=d866bm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOALOAuUNCuPgvvH8dTq5j_oVm... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame C79B 41 KB
21 KB 137ms
67ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1307176738;ord=d866bm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOALOAuUNCuPgvvH8dTq5j_oVmKnmnY87MvO7mNO8neG2px0La_wUF3oEfoKfGgRt-sGFLIepWBEI0PW8-8dUOnNSpFxFMSzk3obI1MKnQA63QfPeu34-8_hHuWGr18-FB22PFS9kfBT6ofc1D6eM79TmXvHzSap6XuwUNu0HFNd11aFiCzeQPsTX9Pqae08bJRB-PKiZOzDafFYMV938aK0ldA5fsSJj4IxQcEA2FJ0lzvHgdObLzGUG0_cUlL2zZeRbAQjXWpSbqie5zdyCVGqW2Pf1Xoz6ewR3Ebz_nivg0Jl5QwEKSFTta6Wg%26sig%3DCg0ArKJSzLct6S3zAq1vEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=oSnv3Jj7y(;sttr=66;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

489eee4990ef1237c2d085d43b123c09221f91d6b6260aa2201cd0f54bdc0f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
65 KB 244ms
19ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3ed1f78a1ee89c913a730637376afbd17148beec7eca98ed43e46713bb585898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: HIT
content-length: 65769
etag: "da8eae94c6390a2e9b43e620a7d73207"
x-request-id: cca31a5f-0f7e-48c3-9a9c-a57699134d5b
x-served-by: cache-lcy19249-LCY
access-control-allow-origin: *
last-modified: Fri, 03 Dec 2021 23:13:39 GMT
server: Fastly
date: Mon, 06 Dec 2021 06:11:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/ui/plugin/membership/v1/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4220
date: Mon, 06 Dec 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 07:01:07 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 31ms
31ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Dec 2021 06:48:28 GMT

GET
H2 200 2.video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 28 KB
9 KB 31ms
31ms Script
application/javascript 2600:9000:2156:600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 22:02:35 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:48 GMT
server: AmazonS3
age: 29333
etag: W/"4337db5cb8f33c4840726c6a7829656a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: C8e.94spR.LU5zvFu.810RzSIRIDBnlc
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: OxjQBLBxbBt4JwxzJA9cOujPnUrKxutVbEXm76AMB0U70aO_S-npiA==

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 32ms
31ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Mon, 06 Dec 2021 06:11:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 32ms
32ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Mon, 06 Dec 2021 06:11:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame C79B 8 KB
3 KB 32ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1307176738;ord=d866bm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOALOAuUNCuPgvvH8dTq5j_oVmKnmnY87MvO7mNO8neG2px0La_wUF3oEfoKfGgRt-sGFLIepWBEI0PW8-8dUOnNSpFxFMSzk3obI1MKnQA63QfPeu34-8_hHuWGr18-FB22PFS9kfBT6ofc1D6eM79TmXvHzSap6XuwUNu0HFNd11aFiCzeQPsTX9Pqae08bJRB-PKiZOzDafFYMV938aK0ldA5fsSJj4IxQcEA2FJ0lzvHgdObLzGUG0_cUlL2zZeRbAQjXWpSbqie5zdyCVGqW2Pf1Xoz6ewR3Ebz_nivg0Jl5QwEKSFTta6Wg%26sig%3DCg0ArKJSzLct6S3zAq1vEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=oSnv3Jj7y(;sttr=66;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 06:08:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C79B 0
524 B 113ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubC-29sNuDi-y-VTtbxpB3sM-eiA_HXYvVDyRtsthY8fJaZVWszbdo8Fe-iJCRgw1G3ZFrVsD7x0awNOKsPKA9TS7JHfG8qoy_tyMQrUeILcyhQs-1YQuAL9CEZQm88w7JUCNwRymVCtHQ4EVjZcPT&sig=Cg0ArKJSzMK5wLWUTvvnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.49841&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C79B 41 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 13:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 04 Dec 2022 13:40:09 GMT

GET
H3 200 TTR_Veterans_A-300x250.jpg
s0.2mdn.net/3967255/ Frame C79B 29 KB
29 KB 70ms
32ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/TTR_Veterans_A-300x250.jpg

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103a8848edf389902464b4995b6866378014c0cf4116a1247a0cb1586ecedef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 09:07:10 GMT
x-content-type-options: nosniff
age: 75857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29477
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 17:26:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 09:07:10 GMT

GET
DATA 200
OK truncated
/ Frame C79B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6601111fe9419c45ddae9cfc88a073ed7e0a0223c655682000e1637da0bcbc36

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 9592 8 KB
3 KB 31ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264547993;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2189986252;ord=czfn16;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzA568FEWWHZTl-y96QBIR8fZrns0B8WNd1obBs9qvP0WuCElQ5VpOCrPDvZ1tAQoXVXFX6qcnMnGJpHRtdU7Z2xhqkds_o0cc4AvEznKLCludvHuQF2prePPWSOOH4RW25gJ26_5lahBdG0zSJjjY-9TfpMxdw2IWJNm4_B-fguaqV0h95n9bmBCf4LC1KOeC8NPKJVPGYUL5SJkWv8BS_RlJ5m0C7lpsu7sqgyov7wUdxWNwqC6w2yl127ErfQqMafncEdhypne9wYjSoxLsP7RMjXmuQ_6qc_ZpNzKlufC6m7b6pt4ZmXAz6MVGJo2R%26sig%3DCg0ArKJSzDHYxpkdRlxaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=oSnv3Jj7y(;sttr=64;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 06:08:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9592 0
60 B 61ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIR29Qo0k8Hsv-ITfUCe4DXZl3Nx0kg0PPHz4HKKDGHRKPEgkAW6-RNc3qVge298UYzbD8i35SiiiG0j3W6cX4DfOGPfWsiYLc93dW9tBMsVGOIjM6OhwyRuY-ChaH8uVUq60uiXz4cGdczZZZsLgR&sig=Cg0ArKJSzPN7DshzcrWqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.86616&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9592 41 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 13:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 04 Dec 2022 13:40:09 GMT

GET
H3 200 TTR_Dopest_A-728x90.jpg
s0.2mdn.net/3967255/ Frame 9592 24 KB
24 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/TTR_Dopest_A-728x90.jpg

Requested by

Host: e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
URL: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167c0bf4f1ce2b335626492920ebf337c1abd0ac389d0265f7c6bfd01016d08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 17:18:44 GMT
x-content-type-options: nosniff
age: 46363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24955
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 17:25:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 17:18:44 GMT

GET
DATA 200
OK truncated
/ Frame 9592 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5df8f41eaad006645791ebb83e9f1f3158c720749ef7f5958b177d124feec53d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 185ms
54ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 06:11:27 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 06 Dec 2021 06:41:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C79B 0
23 B 80ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C79B 0
0 53ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDEsd3E8apW4aZ4trBa1R-I4JSq0e9qCfUvacA6X0VUviwe4CB4IrDmxV3b4outioQZ7ew_VFy5M6PxCcceRrC5IhdJjx32wWwRgNe0KnTx-iNH8N1a-VmRonqujn6S1MJiPX-c9HIufTANdqPX47gNMX-yTdnu_jhYNdC_RpH-Nv1Y43H8w66d7RrFKFn1u0S14RSuUyoU3MbBuJFJWoGsYbRAoNa0pJgoJk9LECqYBj8BU9sQTY9WVSaZjhypesUpHcB3av9nBe7nCbwk4ppxIymwdBzjikpc1ibDz_fgPrT-6Ivai2ftA7ZF7zZhUYo3Q&sig=Cg0ArKJSzEgsUeFyixe5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Dec 2021 06:11:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9592 0
23 B 48ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9592 0
0 54ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQpR3syS4tbgz_H9rh6YnyxyZGkc_upgwENC3w_Fy5O_M8WwLyWuc7xeL4w9z3MGTY7Pyvj2WsX_OFlefdpBMTX561t5TPdbhvRMD7aVitY8wMF-zYgStWJqk2rlymzsskBoKmS-4TfBfFzPHrUZTekxudYUkgCKferihGFfIzKNO90yV-Qq2TxBSBhK9veaZTR4y7UNXCZREwSH73gLf3QC5x0OoGzwxJGnFtRqn4OkWAtu7p4L-TyK4jUQ42EU5wufY7nQ9gLeZ1T9VxYXPlLJ1p3LvSaaXeHG1iICr974Kgiz-1VLSbdfT2jZo-Wjy5_I1UFbI&sig=Cg0ArKJSzFXTIpQA4AkOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Dec 2021 06:11:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CB7C 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Dec 2021 13:10:52 GMT
expires: Mon, 05 Dec 2022 13:10:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 61235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E21E 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Dec 2021 13:10:52 GMT
expires: Mon, 05 Dec 2022 13:10:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 61235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 avcplayer_2_73.js Show response
cdn.avantisvideo.com/js/ 266 KB
267 KB 34ms
34ms Script
application/javascript 2600:9000:2156:600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: NuN.9nNuZfe8Z1lvjcJbDZ_PaEYTyneN
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 16:57:43 GMT
server: AmazonS3
age: 55248
etag: "df7a5e9e0c91119cb99942809c8453af"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 05 Dec 2021 14:50:56 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 272476
x-amz-cf-id: gtBdoO-4yo0FMXxE5rxkLaJpAcjP0KXZ1wDyrE8bHalA5x4IInrihg==

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame CB7C 35 KB
13 KB 32ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 17:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 17:28:18 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E21E 35 KB
13 KB 32ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 17:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 17:28:18 GMT

GET
H2 200 ins.txt Show response
static.avantisvideo.com/data/ 5 KB
1 KB 31ms
31ms XHR
text/plain 2600:9000:2156:9800:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/ins.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Dec 2021 06:36:22 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 08:57:16 GMT
server: AmazonS3
age: 84905
etag: W/"261a10093ee55fb7fde7cd260d7d9fcc"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nPOQI43vmQtAyZIFKZ11WATQ6vF2whtHVIckwLuKqD2mjeblP-_G0A==
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)

POST
H2 200 v2ggqS5Xfr8F-xIrz5t1qiYCZDOHhAGPzCqCeblXl3Qs1VzOfUKZVQNA60A2Nq-jgjULyEjInTcWyRzoDUQ Show response
unwieldyhealth.com/ 216 B
612 B 83ms
29ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2ggqS5Xfr8F-xIrz5t1qiYCZDOHhAGPzCqCeblXl3Qs1VzOfUKZVQNA60A2Nq-jgjULyEjInTcWyRzoDUQ

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

8db3a9d83cae52ad594d7a6798378769e28b205fed2145a0785a9674017ad83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 06 Dec 2021 06:11:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Mon, 06 Dec 2021 06:11:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 44ms
43ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021113001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7b2f4aa693165e13ec89db89e9abd5d541180f8ec465501e9f2143520a5f16ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8541
x-xss-protection: 0

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 20DF 240 B
516 B 19ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

last-modified: Wed, 27 Oct 2021 22:19:31 GMT
etag: "f7902241893e7a497417843cb15dc858"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 06 Dec 2021 06:11:27 GMT
via: 1.1 varnish
age: 113
x-request-id: a14680fa-1ba7-43fe-977d-573809340e44
x-served-by: cache-lcy19249-LCY
x-cache: HIT
x-cache-hits: 41
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 141

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 222ms
55ms Script
application/javascript 2a02:26f0:6c00::210:bb91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Dec 2021 06:16:28 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 70C6 364 KB
103 KB 170ms
53ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvM8Pl4fiI-ZbcE4PithR_rK-MeKxMp4OZZWD18zge6GsrKnlRzIkUA_rXDfr4ERs0JdXwI9UMEjKdEOuvM17w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104652
last-modified: Wed, 01 Dec 2021 06:59:43 GMT
server: UploadServer
etag: "c090f073758d1a9717d1a9aa2c037cb5"
vary: Accept-Encoding
x-goog-hash: crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341983568684
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104652
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Dec 2021 06:16:27 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 20DF 0
346 B 577ms
189ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 3
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1293 42 B
64 B 52ms
52ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV5OrXs0_KWSsj-8F4jEExaMAQjHpcWoCyFUsA8V2UMVYuygRaqyqIgrImoC4Hei5up35b-BS6CvQ7LxBI5Hp0Qh3cTzcVlhgrUCMMHgHtILKs0EIF&sig=Cg0ArKJSzI0X8mpmD_qoEAE&id=lidar2&mcvt=1026&p=551,1145,1151,1445&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=375948347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638771086385&rpt=689&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
328 B 79ms
26ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 117ms
45ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0eb912949f3277d2e526215f4478e8f7e0ab227bf60a1ae52b4b048067a14f85

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
x-server: 10.45.30.225
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 103ms
33ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: badf5ebd0cf9a1624cf8060b92dd47b229910c1eb6c892effe2b6a8485b966d4

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 05 Jan 2022 06:11:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 06 Dec 2021 06:11:27 GMT

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 20DF 1 KB
774 B 19ms
19ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 68
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: 2d682262-63cd-4152-8d92-9b2ba89629ec
x-served-by: cache-lcy19249-LCY
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Fastly
date: Mon, 06 Dec 2021 06:11:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24

POST
H2 200 v2iini-jeJnKxtSzWeB1ZHvnCOMeYyGqW5ubvgkMleM-PIcro0lhhSxM7qxYrs1efIJSsj3Fon8I_4tVtsg Show response
unwieldyhealth.com/ 3 B
36 B 45ms
45ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2iini-jeJnKxtSzWeB1ZHvnCOMeYyGqW5ubvgkMleM-PIcro0lhhSxM7qxYrs1efIJSsj3Fon8I_4tVtsg

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 06 Dec 2021 06:11:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4B7B 932 B
2 KB 120ms
32ms Document
text/html 2600:9000:2156:d000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Mon, 06 Dec 2021 06:10:22 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: yDZZhXR-O9taIc_lVnN3sN0QBdD68IAf55MCox4uJgi6eb-V1uC-aw==
age: 69

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EA7 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 06 Dec 2021 03:49:22 GMT
expires: Tue, 06 Dec 2022 03:49:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9DAA 783 B
534 B 42ms
42ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13169fe0d5ef4cc70ba22a993ee2e13b96fa7207d00fa3043df41fd8d101452a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ISjHMrsNEXAOyaj1KwEY9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 06 Dec 2021 06:11:27 GMT
date: Mon, 06 Dec 2021 06:11:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ISjHMrsNEXAOyaj1KwEY9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9DAA 0
0 84ms
84ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021113001&jk=350202993357161&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EA7 35 KB
13 KB 31ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 17:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 17:28:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB7C 0
20 B 55ms
54ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfoVoj6mtYYi8FYik3gPX46KICwAAAAA4AeAEAg&bg=!v7ylvPjNAAaQHwIOkB87ACkAdvg8WjY0Bok9WzXChHGpId0mEbMJQGovMXXbp7WV1GcCbBnK71h0dwIAAAE1UgAAABFoAQeZAwwIHAidMKQqTKkYXvQakfUTtjN4gO4ubvXsOICHz0fWHRRLG1hg-xhSNzmQFXf_f4Oyjyu-F_bwoThGyziuV6pSqvNOi5o-rYAh5SMYDiwDXhCy-hwpQGKneDaJjkGrrOEaY1Fo2pcOTIiE2-RyNz8gRQ9ogHovNVqwnkIENei6Rz17CA5xGuD3tjbk5vV5Pid3LSvKprgSwjcPQUjpwX66D-hfGRCkaCI4AqlsXCUC95qveQZv_5CZugNJlxkAt7EgV6iaej64GkIdLCtypUtRrs835AE_BudqAF-IthZa3QQ5AJY7eQkqx-Sid_8i-lPcPnWB4BtsDoBhTA2dS2wU_jwHEJiTaYIrhnLt6uN-t88AOQkW7cK_g1Lf3HT0YCaVDpxUwVxBNiYYt-Z_2dKFamMlvkSwrFxvt9TdYCdg5hZwF-GkB_Vye12QTAjAixHidcRSVbYTfWT6CmB13TFGteVqihLbXweA7tVSKom8k77RQy_gSaZjAElXjPoV2MBtG4wap7s7uGzMcejjK7Is_SEPsdgAnkwCCiJwpdsHiDbXN1f1z0TjfG7IFLXq7eLE3YJKTRni-CfnibtFSdhrq-YtKHHYQtOGRXJYX7siG5XelKb8eY7RgOf0L_I6DEaZRLopQ0gA-scP4oc9ynTY-blSdazgQeVHd9Vt5qDn5ywdOM_gEqKxx-rFcIkW59J9aqJ8VUciEr1cLaXz2PaQWSADZR0tejTWQwwmtA8ofMfMhSvC5QAWtrCeB2OnzU8ohf5b7Q7gvizCgp06ovBuWaNgdpLFd3gmafY086sh5YiD7UKmlYx7qt81cUyFKrIj3S-gXpzFAV3UW3rWbITOXGpg20epc9grwr_QKqXu7vNgGOZXs2ZC4Isj5MZgL1mDZV0m5zLIW8bs5OL6sQDxe8y-CpP-xht_n2_z-r1J30FJ1vq1Gj0VLlwh-N4Lfdwge1XmjcnzOiJDn_AMUbl3yjechVEFY8PjnXcv3LjnthXue7A-lszZqWNoBl6z_2AGbzghlMhIUKtp8WQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E21E 0
20 B 55ms
54ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ5AMj6mtYfDIFZPR7gOQ-JGQDQAAAAA4AeAEAg&bg=!Li2lLWnNAAaQHwIOkB87ACkAdvg8Wt-dDGW-bRF39i1cAWFeJN09RQDAbySSLg-DkknqARlgXp_3AgIAAAE2UgAAABBoAQeZAxd6F_DG33fsjfAQlIUyllnC80Hft4WwcTvVQfD9HCrUJKYMZqA21z-7mF7RuP2r2cwhWxfRYgaoFgowg7BZfzFzxdd8OXLc9-dtk1nbaYVwtd8jY3GLlHUfkB50budU-cx7n8anTXvxxB3DNogH9vNQhnl7tCr_0rQlXlDl8WaSG3cUnE3Ddvw51VfxFhUSBcdma3WiT4drigHP-b6KiHRZaQ5UfrWe7vUS-OWLTnm0GpeSzQfR8f2WjLIywrXwy13QPqOqjMCMSDyfaA0kDlgdEhJHLmFooLjX57f6VLEt0qdyCV0gvCfvVsT6M6m8u3B5PV8riT6y85CuLVFNfWZ1xY40A9EHtnjM74y1Yl5drEEuf1o8w-8YbrGH7nS0GSouaUXSYCW8NWCPU19dhBw3Xx_TVI-z78gUnZbUF-PLkEFaSOko30FvVyb7RCEzQJK9DK9ECDc8gv6d1psW01Rp8MMiFMx_u4S_V68OJqVFd_jqv8sraaRak96-k-qYppb61QaqOmJf1N6cXbgPxa8OkZixuJkjqw9-CRC9Jb6nRhoIZnk3XWsY0W0WmeDE-c_UyRqWMTfj2sfd3Qn5YhDAZ2XYVkoYmlo1JmNzf4VsydVz9rDko6EiG5HgXWvOP5ruSk2gReQw8JhJWm3Zowgtj65hjkz2Ti-oPY7dSlflrrZDaKSpxmra7ip2OcPnivt8NXcpCdKC0q1KxBVxv_meWwK-TyY-k8nz3AzxBhpy8Ny2TGk7uOFNR-YXgUVp7n6r6aeDxsBEL6BgSkXSa4EkyARcDso4sLb-3WeGbt9aNSOPB8tm9sLFhATo3h0kwp9gBT51kpQ3vX3ufn1MHg10lWWotNad4umJdyfNkZ_S_x3IMEKI1GnuQWBtc76jD-8VmfbLcOtJwSBXOF_Eg9w7v63L-dr-ZYG7ZEQhpWMQm2nCETaITmliPZ16CFU0yFBjDYjGrKZzFijkVKU05DCLz3b8Vxh3lo497RjzldNdGM7GI6Qmks_0R55nNF8Lu1Ojif35gLLUO9oIhfVLHMxJsQMyvyP91w

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4B7B 0
120 B 373ms
190ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
x-envoy-upstream-service-time: 3
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame 4B7B 0
121 B 372ms
189ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
x-envoy-upstream-service-time: 2
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 4B7B 85 KB
16 KB 39ms
39ms Script
text/javascript 2600:9000:2156:d000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Mon, 06 Dec 2021 06:10:58 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 3CpmUu5NVyBtfaHCCghBPOsiWv0NtaPIz-FgqlQCGxsy4s_q8plrIQ==

GET
H2 200 track
track1.aniview.com/ 0
71 B 290ms
92ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.stripes.com&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=4&d36=6.1.2.90&apppkg=&fv=3&proto=https&pid=5ebd1adfeb6db67e1d52ebba&cid=5ebd1d747d7c78697e0af0a8&stagid=&stplid=&e=inventory&vi=10&cb=1638771088432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/4/ 2 KB
2 KB 294ms
95ms XHR
application/json 3.217.20.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/4/?AV_URL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fsports_01.m3u8%3Fid&tid=1&d=desktop&i=0&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&AV_CHANNELID=5ebd1d747d7c78697e0af0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.stripes.com&AV_DADPOS=3&d36=6.1.2.90&sver=1&avtoken=88431&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1638771088566
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-20-60.compute-1.amazonaws.com
Software: /
Resource Hash: 9d6f7c0eb177ae649532c21cf0067bc3c7d22da82ed04acfa8b0428ec49f4eec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 24 Nov 2021 16:24:48 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 4B7B 156 B
522 B 587ms
199ms XHR
application/json 52.38.158.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.158.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-158-138.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2015d7a23c942872a4bfa104058262b4365591d7728e75fe25b5d5cce5bd6cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 190ms
190ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT

GET
H2 200 sports_01.m3u8 Show response
content1.avantisvideo.com/hls/ 15 KB
3 KB 135ms
33ms XHR
application/x-mpegurl 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.m3u8?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf96e1d997f022dc7c2bc5877b3e9fc69a085f4e489e24136721233e10c75a7e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: JTEa4uV9LWCwJQvEO_GyMjcnQ9pZTPou
content-encoding: gzip
etag: W/"039aa57dfba0d41b33070f0ba5f348c2"
age: 82550
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.stripes.com
last-modified: Mon, 30 Aug 2021 07:19:24 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 07:15:39 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/x-mpegURL
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zn_UXtZyEvdodpJ5plk3pffTwBtbdKp89crjZ6nKvIhI-j3gNNlpJg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021113001&jk=350202993357161&bg=!eHulez_NAAaQHwIOkB87ACkAdvg8WoERtUsLfM_gfjl3GedD25P5_5PpvGzXJnpBvFQF3X1r1cC0LQIAAAEXUgAAAAxoAQeZArAxVPiGZNx2MFMBg6XFOm9D_eR7gBp8HbuRTXe68W9hDy-x5XotEw2ksNTOyV2qQfWiwKcDyCLzFspXOzFe5xOJkP_b2zwodtj_KaPDoVt74EWvDKoVTlLh5Gr8FSn12mHLeAU6L2uACVHXLcA8R8D8V-UCcqmyeIaWQTYuHL7wWThiYjgwAot0kZR6CdJH8zY6sa_Ud7KUR09pJANNbA974X-ToYWhV6F6ezf1dEXx4Vyr9u_0fbW3WFJq-hWLJlLjFm1ocUdakGOwVS98masvh8mSTNo9Cg6jTZhOyi6TbbhxAVvjLBcVzXj6ElhzmqhssrPo0YjLl54jPoDxVsN1GC3PDVxlmOmq_RiwqI5jFoii7YZbsbEqbiH2Xavk83OTF0l7GPq2pEK7KMYgi2LsqnaVjs9Cp1XDsTASsUou9whgXZMZ21QBm-ncLAkW-9youeWZ-16tf6WIJxS-1epneofQDBWXu-1bSOySLB2gJ8VFWzF3VVJScA9jtgol9rlQvMNB3vWy66NwgYAEM1oc6Qsa3a3P-2K2dzC36P3hZnB2cBiZsfXfoYZkFmkT2OKHXD0RI4YFyBLzsNKJnO5Czzqinf-mX8X_5ug44iQxD1v86fTcIT6LcsiabD0dky2nRL9Q1j0z8kKvWpBCZRr-j3-pdny6MPhpB8pN5cUvEtVAuUoarzbRFf9zDmkgbQQDS7z4XBnvdGX6_CowWLRC-ijKfId2G0QH9xC-hOi6AILpRxgAE60OYZkdl56G-t_4jOYXBaib7vwxEeBF552T9bIMeg0rr-MQmJxEEFrkKHk3vThqWMtoXEanJENe-FqprL4Zpci1MKfYKIG9uxDFEoxhz-3lmmvK-JmnhqMBEGgWXezqRTuN8tR2XLm64AfxlxrKPY9Q1kxNBfWoq7Nr

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 32ms
32ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PDskkJcW3LG20KTHhJDbjiAUcQXqtLcKfamFfiikbm8aeC5RKLuX4g==
age: 82566

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 148 KB
149 KB 40ms
40ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e161b521aceb5cfdd1224bfb44ce5ba357f1810d0b39adc061d255f2d290708

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-151903

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74265
x-cache: Hit from cloudfront
Content-Range: bytes 0-151903/34605348
Content-Length: 151904
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: BfOCowwOXO6xmrXSuY7s80tOZaivwlHebBEz6rQ6gAybjbaLGlSv8w==

GET
BLOB 200
OK f10c237f-9425-4e69-9607-ffd84588adbf
https://www.stripes.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.stripes.com/f10c237f-9425-4e69-9607-ffd84588adbf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 581F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638771088543-956670011783-005724-004-004919%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638771088543-956670011783-005724-004-004919%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1638771088543-956670011783-005724-004-004919&biddername=55&key=1745699476523475939

0
216 B

297ms
92ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1638771088543-956670011783-005724-004-004919&biddername=55&key=1745699476523475939
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.9
Date: Mon, 06 Dec 2021 06:11:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1638771088543-956670011783-005724-004-004919&biddername=55&key=1745699476523475939
AN-X-Request-Uuid: 89a9b4c4-71a9-477d-833b-a431399a4a6b
X-Proxy-Origin: 194.36.110.164; 194.36.110.164; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 27 B
706 B 100ms
28ms XHR
application/xml 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21002496&referrer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html%23.ya1xdqc-mdo.twitter&us_privacy=1---&cbb=8771088866&imp_id=a586be77-b4d7-499c-84ef-aeec75fcb647

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 06:11:28 GMT
X-Proxy-Origin: 194.36.110.164; 194.36.110.164; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eff817d7-2041-4dd3-853a-d5a20731d31f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 225ms
224ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=GB&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=41606&t=1638771088&cip=194.36.110.164&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=4&aafaid=&proto=https&uid=1638771088543-956670011783-005724-004-004919&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=73037399609&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638771088868&asid=602001c46e67f25d741a755e&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9592 42 B
64 B 55ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLuysuMmOth82A-D-RQun1WZrdK7Y4OXJLTcfGKrYnrYKExdncldZfDIzZOp2jS7SwHMnrGOCcNTDCfLOxgbXVLK4k3hyO&sig=Cg0ArKJSzAecI_XH8Un0EAE&id=lidar2&mcvt=1009&p=0,0,90,728&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2189986252&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638771086718&rpt=1147&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9592 42 B
64 B 54ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-g0-eW23XEzHBSg5F_9a6LgAXxpFiVq0l2tLINbj41H8yjQoLBTx2TbsK0Jpe3E_cKsqDakl7aIMcNrCvZtRo1j8pEPXxRMD2lKTn-DzcIimx2yT4&sig=Cg0ArKJSzBb9yCBpyy6jEAE&id=lidar2&mcvt=1015&p=0,436,90,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1986035644&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638771086718&rpt=1144&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 139 KB
139 KB 34ms
33ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcbe335455fd51fe762c98c879b2abc933226759ba73e63e1b77fa31cdcd11fa

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=151904-293843

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74265
x-cache: Hit from cloudfront
Content-Range: bytes 151904-293843/34605348
Content-Length: 141940
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: LOt7QiF4GSR8KC3oz-NReAiRH9MAJOg8eBtm7oePNgnsM73AqNnLVA==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 32ms
32ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4L48y5_K6Q2VVyDF_luqhtUXpIap4j1nzMqNQsUv6OBfxjHG0J8CUg==
age: 82566

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 191ms
191ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 196ms
196ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 210ms
209ms XHR
application/xml 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 06:11:28 GMT
X-Proxy-Origin: 194.36.110.164; 194.36.110.164; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 52c8f629-d5d2-4376-89a7-6e48e4680c25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 92ms
92ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=GB&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=41606&t=1638771088&cip=194.36.110.164&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=4&aafaid=&proto=https&uid=1638771088543-956670011783-005724-004-004919&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=73037399609&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638771089000&asid=602001c46e67f25d741a755e&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 122 KB
123 KB 34ms
34ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6689ee6aca536ddbfb900af1890b6392651ec8e3fc583511ad08d480cf5802e5

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=293844-419051

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74265
x-cache: Hit from cloudfront
Content-Range: bytes 293844-419051/34605348
Content-Length: 125208
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PJ9u-9jfGFUX2InVWf1SFFQL8n_Gn4v4K6IQ1wqIbz_77nNHq0sPWA==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 33ms
32ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 30cyKnJwMLgzeuG9DZqNpkPFQ-BQqXG7kalOmO7MJxBksTdYaG1eSQ==
age: 82566

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 161 KB
162 KB 36ms
35ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 578595ef61ce6b4e5bdc0a27699977f0b64cf5b32cc3b985ac8406932aca2458

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=419052-584303

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74265
x-cache: Hit from cloudfront
Content-Range: bytes 419052-584303/34605348
Content-Length: 165252
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: d3QrhuLallOew5UlZADWfftU_1yIfJXruZNmON1GA-va99FctfQ0ow==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
30ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZKusF3R6KTpq5bXclcIPOYYa-gb5OpH6u3pJjGsGQLIkbfLvRVvkVQ==
age: 82566

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 191ms
189ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 06:11:29 GMT

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 155 KB
156 KB 40ms
39ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49f6e2bdf62cf39ffed2f768f85e050497a9f96541727d613c701d4db81431a7

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=584304-743351

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74266
x-cache: Hit from cloudfront
Content-Range: bytes 584304-743351/34605348
Content-Length: 159048
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: LqSf1immLOMEfes0tHlYkL4HMYmmWi3BIYoLS_QkQBDFFBys_SrFOw==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: yaQKJxmrdLm6pCP9Xw8xzqG7ucZIL5XZmtzm85lZ5Aq4R9sTV0R-tw==
age: 82567

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 111 KB
112 KB 35ms
34ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e59a2c3c4e0f118a58ce3cd785583dd9ccd396f1c572e2fc7a2e22c315c1519

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=743352-857091

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74266
x-cache: Hit from cloudfront
Content-Range: bytes 743352-857091/34605348
Content-Length: 113740
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 404FpFOYhc8EqfCW9rQKsmyZS4yYOv_fXt2hdD9YM7mdNYQgZDTjwA==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8iPiWL7uASvex1iIdzAos5z_HNlWLPnEyLeBSZjVURcmNTrTy25cTQ==
age: 82567

GET
H2 200 965c136e-8950-46d8-ac5c-aaea479e4572.png
gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/ Frame A770 1 MB
1 MB 86ms
22ms Image
image/png 34.96.122.219
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/965c136e-8950-46d8-ac5c-aaea479e4572.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.122.219 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 219.122.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:48:54 GMT
age: 1357
x-guploader-uploadid: ADPycdt5uCaq-03mfUbPNT6iD3rsiT2iROjFNhDgWLGltNPx4dgUUxdf8l9HryeDSS_cCA1XLdC5coBPYGQXy9tOfRcbKSsQCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053078
last-modified: Thu, 03 Oct 2019 18:29:45 GMT
server: UploadServer
etag: "b5c7e6cb1c31b46670d9cc70f4be66dc"
x-goog-hash: crc32c=607S6A==, md5=tcfmyxwxtGZw2cxw9L5m3A==
x-goog-generation: 1570127385991491
cache-control: public, max-age=3600
x-goog-stored-content-length: 1053078
accept-ranges: bytes
content-type: image/png
expires: Mon, 06 Dec 2021 06:48:54 GMT

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 159 KB
160 KB 34ms
33ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 752fa0a3ccccbb7cdc29fe4ac63ba88c973f6e64e4d97a9266dd07ef84783676

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=857092-1020275

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74268
x-cache: Hit from cloudfront
Content-Range: bytes 857092-1020275/34605348
Content-Length: 163184
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: QW_L9euqTvgoAYOVNPEqEy9g7wpYgc6ROVWgYr9nUnh6w4Re6aqi_Q==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zULpnh25zGwFgIZdCFWn5zNLlmDmlLKsENzSbSOmIhC6Vd_DZUbEEQ==
age: 82569

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame F7BF 0
316 B 123ms
122ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:32 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 277ms
92ms XHR
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=GB&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=41606&t=1638771088&cip=194.36.110.164&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=4&aafaid=&proto=https&uid=1638771088543-956670011783-005724-004-004919&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=73037399609&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 06:11:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 140 KB
140 KB 43ms
42ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a77428f10186243bd77f195dda059cea49c4492d02a05521f9c88e25248dac0e

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1020276-1163155

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74270
x-cache: Hit from cloudfront
Content-Range: bytes 1020276-1163155/34605348
Content-Length: 142880
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: GtX6ZhLhxZGGBW3QJpV3gWiZ-ixpjmhalTZTaT_4fIlJk7ZqIQJYuQ==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1csb6sRK2js-ClYcP3RCALF7PhiyIlyfzLcCR93WYqe2kflVajogXA==
age: 82571

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 135 KB
136 KB 36ms
35ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b376c9881895dfd02b1b235336bc4c2a8add3bb2274b45967723ed92cded0344

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1163156-1301711

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74272
x-cache: Hit from cloudfront
Content-Range: bytes 1163156-1301711/34605348
Content-Length: 138556
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 9pCvsa9m0Etl6Car7a9tpEeNzOg76aWbfu6YSGfV8kXf1hF_YbP5HA==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 33ms
32ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: B72biDaYnL6yS1Yb_OYdiyRlGweUFGeeiEAcOy9hMaaSRE6d989e0w==
age: 82573

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/e6c3656a042a904d70157a4a3732c75f09f2de2d355d12127d5acebcbce2421a/ Frame 6F0A 177 KB
177 KB 22ms
21ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/e6c3656a042a904d70157a4a3732c75f09f2de2d355d12127d5acebcbce2421a/rss_banner.jpg?ts=1638517521000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 58fe7c1213f604098a503e24db6342196185c7852d848c2dd82ffc97e058a570

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 06:11:35 GMT
last-modified: Fri, 03 Dec 2021 07:45:20 GMT
server: AmazonS3
x-amz-request-id: TTMF01K7FXRCFR8B
etag: "7c44f0e4d948da735f6174bbebb9fc0f"
x-hw: 1638771095.dop239.lo4.t,1638771095.cds203.lo4.hn,1638771095.cds204.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=13666
accept-ranges: bytes
content-length: 181005
x-amz-id-2: ZYCP5X44olwo3Fvu8FzF1JxpsZxLqEwwCDA+mvXSphaxEfR1G+dmRMjHqpD+9RRB1FSz6tyS0ZA=

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame F7BF 639 B
716 B 134ms
133ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 1f86b82452f46fa3e40ca2bcc67d86abad20f36ac94dd22c685918e5e85a0af5

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:35 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 419

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 102 KB
103 KB 35ms
34ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a58080263632a1b0942ad515496b87d687c12c85caf72cda26d6773ceb66b0f0

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1301712-1406615

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74274
x-cache: Hit from cloudfront
Content-Range: bytes 1301712-1406615/34605348
Content-Length: 104904
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RyjBWxlL5ISPxRbnebfNlYi-u3zFuQ6PW9g998a5yQF4758A358saA==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 32ms
32ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: j0L4IwHqT2uEDuguOfIgTPKJoS-MkVCGcGzIp59FxYym-Rg2sPSW2w==
age: 82575

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 160 KB
161 KB 34ms
33ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b7c1451b1ff83e045495299fc178702b790ce020113403617627307a426814c

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1406616-1570363

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74276
x-cache: Hit from cloudfront
Content-Range: bytes 1406616-1570363/34605348
Content-Length: 163748
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -htbosMJtckgQEiheYe4bgrGcjrpFnkU5xbr4TEAO9kJeS2fEA8gXg==

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 31ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XmACD6J3HQcVryRKbuUz9H8vLinGxxwGQwFbCITturFmxWRi1NN9xw==
age: 82577

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 100ms
99ms Image
image/gif 52.45.61.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=stripes.com&p=%2Ftheaters%2Fus%2F2021-12-03%2Fpegasus-spyware-used-to-hack-us-diplomats-3845657.html&u=CIJ0YKdC3YX8UsRA&d=stripes.com&g=66270&g0=U.S.&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7754&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2541&t=BSvip9CsXgV6uUydXBQqAHijGrvM&V=129&tz=0&sn=2&sv=5ozFUNAtY7DJqHbPC5XAMABiRXkK&sd=1&im=06530c4f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.61.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-61-27.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 06:11:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame F7BF 0
316 B 112ms
111ms XHR
application/x-protobuf 3.132.182.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=140482
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.182.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-182-4.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 06 Dec 2021 06:11:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

OPTIONS
H2 200 sports_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 32ms
31ms Preflight 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 05 Dec 2021 07:15:22 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GwgujoH-1OFIn61CLa1apaCMyKIz_weOGQ26A7KRD8e6Xey_Ujg80A==
age: 82579

GET
H2 206 sports_01.ts Show response
content1.avantisvideo.com/hls/ 120 KB
121 KB 35ms
34ms XHR
video/mp2t 2600:9000:2156:6c00:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/sports_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a8c31926c7813b111ebd25223125f9df08582c8b36757935ddfc854ff52a9b3

Request headers

Referer: https://www.stripes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1570364-1693691

Response headers

x-amz-version-id: ZWyxNJ4rwA5dEqqlMIo6mWUttaYHrTeQ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: "33ced88e348230423439f2b4743408d0-3"
age: 74278
x-cache: Hit from cloudfront
Content-Range: bytes 1570364-1693691/34605348
Content-Length: 123328
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Sun, 05 Dec 2021 09:33:44 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: l5d1lTtflwfmwjkFXoveFx-jv5S_IZdIVKxIj3IMxJaGQYzx6r76GA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stripes.com/theaters/us/2021-12-03	1970-01-20 00:17:39	Name: MCPopupReset Value: 1
www.stripes.com/theaters/us/2021-12-03	1969-12-31 23:59:59	Name: ntvSession Value: {"id":40196,"placementID":839427,"lastInteraction":1638771085996,"sessionStart":1638771085996,"sessionEndDate":1638835200000,"experiment":""}
www.stripes.com/	1970-01-20 08:41:39	Name: _cb_ls Value: 1
.simpli.fi/	1970-01-20 07:59:53	Name: suid Value: 8EEEC51BB33841F29183E9A933A816BA
www.stripes.com/	1970-01-20 08:43:05	Name: __atuvc Value: 1%7C49
www.stripes.com/	1970-01-19 23:12:52	Name: __atuvs Value: 61ada98d9330ff35000
www.stripes.com/	1970-01-20 08:43:05	Name: __atssc Value: twitter%3B1
www.stripes.com/	1969-12-31 23:59:59	Name: __atrfs Value: ab/\|pos/\|tot/\|rsi/\|cfc/\|hash/1\|rsiq/\|fuid/\|rxi/c9ad7176a73e99da\|rsc/twitter\|gen/1\|csi/\|dr/
www.stripes.com/	1970-01-20 08:41:39	Name: _cb Value: CIJ0YKdC3YX8UsRA
www.stripes.com/	1970-01-20 08:41:39	Name: _chartbeat2 Value: .1638771085447.1638771085447.1.5ozFUNAtY7DJqHbPC5XAMABiRXkK.1
www.stripes.com/	1970-01-19 23:12:52	Name: _cb_svref Value: null
.list-manage.com/	1970-01-20 07:58:27	Name: _abck Value: C7A18160C35C11B2DC7E2D0D897F7DB8~-1~YAAQwV4OFzShP4t9AQAALlBejgcrE9p/0d9G9gBX+FSQm2LlXyBHKB37t+ycqAl/a64OO365atTPjxjnUbTPBxLxfWrMNlt9F94+c7pEIc2IzNe1rmk0zlWq2+Y/sAxYqJLVckoWr9QPGf7FUTezYI9oE7sR+H7K3GtGbWR2dWwIkf4ETDvlhz1VNs7n/Y9VYrZ5hj8SZUtwclB8gafClvcqv3oYsI2qy1jTa3FgQRAnRlSFEVfA97DXcE54m9E/7EY38bkYs1SlB+4bTjK5OWY1xbkKNcwVk+puUUYKum/yHLCRkTBHjpGGG7azq9eZY/EsPJD8v1J/uIsVqtdJulTWHA2xGBrBr/Ue/8JZ5MXp/XBX93CIH4WlSeKE0Ytfpg==~-1~-1~-1
.us2.list-manage.com/	1970-01-19 23:12:58	Name: ak_bmsc Value: 602FF025B9FCA9B74C8B4DDF20775E5E~000000000000000000000000000000~YAAQwV4OFzWhP4t9AQAALlBejg74OrARLOXXmtBMkFeo6pwz4RuhGJrrO4/K466x2j99Xxu4I+r530wXYx3d4RDrg6KFdWQ3x3Ei+rQ11Dg5GX2XTpyTx1xQIVHwR2WjSB0JQRQVyQDtcYoCizT0yiP+FVKuaQIR4EG8B4kaFceK2B0HxVgZCM2h0ysAFJMOPrBlYQPSXHNhgEVOPQsU3afMByunMWM5ipINzup5woczVmdYnjZeKfBeorFZcaPzmFUIlNn2Sc/3rKwAId1kHdmfpOmg9U6pV0hlbFgGDEfZCvYC661cTThQZWdZqeUz3CJuGSJY4Zg2OkZuQlsvOxPOnHYNfRsvDRMRs1MLZ22CQLJdzULJL+tVLOW+8V2oo4pP7/E8BINT97wSPxHj971X1A==
.list-manage.com/	1970-01-19 23:13:05	Name: bm_sz Value: AC4FA41DF61F6FAB5A9F15019D6309AC~YAAQwV4OFzahP4t9AQAALlBejg6W3E6ZCFbmNqRR+w1nAgqBfpPGwoWy6PIkLvU+Y634s47HJWqfLOMDKAlZ1oGkdQ6p07cWg+Y31ZYwwGCT8H3SrFs2xpD7NVpyacU2RCtIscsvMYl2n7pRcCdLQ6+oZavLzTP8bTuDwXoR5xdzKvuMxN8Z68OpetKiXEHWmibgwHVvwctonFWYtCIZNZt7Dftl9kt4eVJqbzLIiun3gKa9h+HjNhVti2jqLjzusaWIiOa8ZM1jrq991WFoizithFjz5sO4K6HJ3PfReB4eCTTUnownsQ==~3682374~3551814
www.stripes.com/	1970-01-20 07:58:27	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTYzODc3MTA4NTY5NX0=
www.stripes.com/	1970-01-20 07:58:27	Name: TRINITY_USER_ID Value: f9ef387f-945a-43ee-b14c-0c7ccb2c19ab
.postrelease.com/	1970-01-20 07:58:27	Name: opt_out Value: 1
trinitymedia.ai/	1970-01-19 23:22:55	Name: AWSALBCORS Value: inbj3irn6PNVeK2AZpDjcXDussWj8vLzbZk00PMVixiD+g1+4NFhkY8QY03cG9cSXXJOJmgU/LQBKvep6xMnq1h8skaXm+Ex7BTmstgYi8u2h9ai15z9fFD73YyH
.trinitymedia.ai/	1970-01-20 07:58:27	Name: AUID Value: f9ef387f-945a-43ee-b14c-0c7ccb2c19ab
.stripes.com/	1970-01-20 16:44:03	Name: _ga_TCBWEF5WWR Value: GS1.1.1638771085.1.0.1638771085.0
.stripes.com/	1970-01-20 16:44:03	Name: _ga_S3BD5CQRB6 Value: GS1.1.1638771085.1.0.1638771085.0
.addthis.com/	1970-01-20 08:43:05	Name: uvc Value: 1%7C49
.addthis.com/	1970-01-20 08:43:05	Name: ssc Value: twitter%3B1
www.stripes.com/	1970-01-19 23:13:34	Name: stripesWindowshade Value: 1
www.stripes.com/	1970-01-19 23:56:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.stripes.com/	1970-01-20 03:32:03	Name: _pubcid Value: 90953ac0-b6d6-4387-bd0e-cdf7ad1c50b8
.doubleclick.net/	1970-01-20 08:34:27	Name: IDE Value: AHWqTUklhVmaKXkEY8VksZjAkvO8UYDW3WlEcHF84hsSKeVV5xPIPOoK2qJdKKEzS50
.addthis.com/	1970-01-20 08:43:05	Name: loc Value: MDAwMDBFVUdCMDAyMzE1MTc3NDA0NzAwMDBDSA==
.stripes.com/	1970-01-20 16:44:03	Name: _ga Value: GA1.2.502078607.1638771086
.stripes.com/	1970-01-19 23:14:17	Name: _gid Value: GA1.2.1855488334.1638771086
.stripes.com/	1970-01-19 23:12:51	Name: _gat_gtag_UA_714126_1 Value: 1
.stripes.com/	1970-01-20 08:34:27	Name: __gads Value: ID=a20c703a4a265932:T=1638771085:S=ALNI_MYatpTvwBU_cI4AxLU9leQfh6Fy2A
www.stripes.com/	1970-01-20 08:34:27	Name: cto_bidid Value: V5L7wV95MTdoR2JHeXlXVjUxOGZpUng3NnlLUHglMkJwZEpuWEs4OVh0dm9wNU1WJTJCJTJGM0k1b1cyUmtrOUhtJTJCbUhaTnJHVGN5VDQxNjNPQXFSRWVweHdzYlRIUnlnJTNEJTNE
www.stripes.com/	1970-01-20 08:34:27	Name: cto_bundle Value: WVBsKF9aU01sMGpMaVEwJTJCJTJGWTlRcmZsNmNLb0Y0TVlxSiUyQkhQaGdEMXhCaWZzV01YaTdubkZrbWpDQzliQjhQUTdvbTclMkJXQVVsVnhObTY1MyUyRnF5ZkkxWWklMkZxZ2V0VWJTRWdlbDYlMkZvM0RWSWFUeUpQOCUyRm5ZMjFYVG55S2p6NXZKa0ZYWGM
.reddit.com/	1970-01-20 16:44:03	Name: csv Value: 2
.stripes.com/	1970-01-20 07:51:15	Name: pelcro.unique.id Value: bHpuaGRyN2lreGt3dTl6cnM1
.stripes.com/	1970-01-19 23:56:03	Name: pelcro_count_of_articles_limit Value: 5
.stripes.com/	1970-01-19 23:56:03	Name: pelcro.pageview.frequency Value: MQ==
.stripes.com/	1970-01-19 23:56:03	Name: pelcro_count_of_articles_read Value: 1
.stripes.com/	1970-01-19 23:56:03	Name: pelcro_count_of_articles_left Value: 4
www.stripes.com/	1970-01-19 23:12:54	Name: _lr_retry_request Value: true
www.stripes.com/	1970-01-19 23:56:03	Name: _lr_env_src_ats Value: false
.stripes.com/	1970-01-21 01:29:39	Name: _awl Value: 2.1638771087.0.4-80566b55-ae4d8883b8083cd514ee44657c9526f0-6763652d6575726f70652d7765737431-61ada98f-0
.adsrvr.org/	1970-01-20 07:58:27	Name: TDID Value: f80019f3-ad04-42f9-950e-ffddf61c8a2b
www.stripes.com/	1970-01-20 00:39:15	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22f80019f3-ad04-42f9-950e-ffddf61c8a2b%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-06T06%3A11%3A27%22%7D
.stripes.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638857487986
.aniview.com/	1970-01-19 23:27:15	Name: aniC Value: 1638771088543-956670011783-005724-004-004919
.adnxs.com/	1970-01-20 01:22:27	Name: uuid2 Value: 1745699476523475939
m.stripe.com/	1970-01-20 16:44:03	Name: m Value: 47404eda-5be0-4e0d-be86-9840d2c48d2ff10e85
.www.stripes.com/	1970-01-20 07:58:27	Name: __stripe_mid Value: ca018450-4a5b-4754-a5c7-00f9cb3dc4d6907b3a
.www.stripes.com/	1970-01-19 23:12:52	Name: __stripe_sid Value: 75b4e881-bf2a-4c25-afd4-adb878a2184126f49d
.adnxs.com/	1970-01-20 01:22:27	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GTrl#X]q!]tbP6j2F-XstGt!@DLG$a!h9
.adnxs.com/	1970-01-20 01:22:27	Name: icu Value: ChgI9s1iEAoYASABKAEwkNO2jQY4AUABSAEQkNO2jQYYAA..
.aniview.com/	1970-01-19 23:14:17	Name: 2_C_55 Value: 1745699476523475939
sync.aniview.com/	1970-01-19 23:14:17	Name: 2_C_55 Value: 1745699476523475939

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html(Line 1523) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-U.S.&sz=6x1&c=9046512958&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.stripes.com/theaters/us/2021-12-03/pegasus-spyware-used-to-hack-us-diplomats-3845657.html(Line 1523) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-U.S.&sz=6x1&c=9046512958&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
api-location-prd.pelcro.com
api-public.addthis.com
api.rlcdn.com
assets.revcontent.com
avm.avantisvideo.com
capi.connatix.com
cd.connatix.com
cdn.avantisvideo.com
cdn.revcontent.com
cdn.teads.tv
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cds.connatix.com
content1.avantisvideo.com
delivery.trinityaudio.ai
depart.trinitymedia.ai
downloads.mailchimp.com
e686d5fd2267b8f975a29647513cd89f.safeframe.googlesyndication.com
epub.stripes.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
gallery.mailchimp.com
go1.aniview.com
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
jadserve.postrelease.com
js.pelcro.com
js.stripe.com
m.addthis.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
match.adsrvr.org
mc.us2.list-manage.com
mug.criteo.com
o.addthis.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
platform.twitter.com
play.aniview.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
q.stripe.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
s8t.teads.tv
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.adsafeprotected.com
static.avantisvideo.com
static.chartbeat.com
stats.g.doubleclick.net
sync.aniview.com
syndication.twitter.com
t.teads.tv
tag.simpli.fi
tpc.googlesyndication.com
track1.aniview.com
trends.revcontent.com
trinitymedia.ai
unwieldyhealth.com
use.typekit.net
v1.addthisedge.com
vd.trinitymedia.ai
vid.connatix.com
widgets.pinterest.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pelcro.com
www.reddit.com
www.stripes.com
z.moatads.com
s7.addthis.com
104.111.242.245
104.244.42.136
142.250.184.194
142.250.185.66
142.250.186.166
143.204.98.58
143.204.98.7
151.101.0.84
151.101.128.176
151.101.130.137
151.101.2.137
151.101.65.140
151.139.128.11
158.101.26.148
169.50.137.176
178.250.2.146
18.208.85.173
184.30.24.121
185.33.220.100
185.33.221.11
2.18.232.7
2.18.233.180
2.18.234.163
2.18.235.40
2.21.142.98
202.212.180.67
205.185.216.42
23.45.110.243
2600:1901:0:7a0b::
2600:9000:2156:2e00:3:748e:7940:93a1
2600:9000:2156:600:1c:38a0:8a40:93a1
2600:9000:2156:6c00:1e:efeb:b400:93a1
2600:9000:2156:8c00:c:b42a:3740:93a1
2600:9000:2156:9000:8:48e:53c0:93a1
2600:9000:2156:9800:8:9ed9:9c40:93a1
2600:9000:2156:d000:19:7d10:bd80:93a1
2600:9000:2315:6400:18:1fcd:34f:cdc1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:858
2606:4700::6810:125e
2a00:1450:4001:802::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:bb91
2a02:26f0:fb:199::26e5
2a04:4e42:600::714
3.132.182.4
3.217.20.60
3.229.193.232
3.33.168.159
34.120.133.55
34.96.122.219
35.153.224.87
35.158.176.54
35.190.64.11
52.215.102.174
52.223.40.198
52.31.239.78
52.38.158.138
52.45.61.27
52.88.197.51
54.161.145.16
54.187.119.242
00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63
00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df
01e159c59de456dab1469e1056e826438cc8130b500566a43bc00914f976c09c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4
06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4
079febc978c97cb16dcaf6e730d03c57461e7ce5a7eebe483dac6d039cacc152
09ee99cd71f0cb978b27ebb029dbb74ed3176b9b721e50b75669852a8ab8e2c3
0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a
0ae4422dc342d3d7b53c2551eaec4549a0d712d9a8bf535e396924e6c3d266e2
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9
0eb912949f3277d2e526215f4478e8f7e0ab227bf60a1ae52b4b048067a14f85
0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60
0f6a1735714948f43128944caf8fddc41f64f1ab93c7554d9a934e8b36544c7b
103a8848edf389902464b4995b6866378014c0cf4116a1247a0cb1586ecedef4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a
13169fe0d5ef4cc70ba22a993ee2e13b96fa7207d00fa3043df41fd8d101452a
1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
167c0bf4f1ce2b335626492920ebf337c1abd0ac389d0265f7c6bfd01016d08e
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336
1ec3e285adf8b84cf4a4dae295c4b462cf599bfaee29f946e4c3c8e173e9235c
1ed05536c1aac8e6dd2dc0b936dfcbc186a1ef53e13996d333f72886f537a283
1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4
1f86b82452f46fa3e40ca2bcc67d86abad20f36ac94dd22c685918e5e85a0af5
2015d7a23c942872a4bfa104058262b4365591d7728e75fe25b5d5cce5bd6cd9
21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b
22bdaa965875e584e70087d6e7e78b333c4a16b86ba126edf158705e1bb27048
22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de
23cbee5eb8e6c0d5df3f97a74eb8a755b55dd68ded0e53918e443cbefc92b09f
24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278
24e8fc2da87fe2d555d796e55674f1261e49a906059704638f7af8e160c686b4
28355ad0e17eef2c99ced04ca49ad44f3aeb50a16324e6827060b3dd1242ba95
28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75
2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3
2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470
2a8c31926c7813b111ebd25223125f9df08582c8b36757935ddfc854ff52a9b3
2b25c06a79fc4bdfed55f1035ef2e48738f1c126835516ee8cafa62fbdbc551b
2e1f6865a454721d685241aaed2dc36a7f66cbf746e7b81662b0878103a3cb5d
2e48c336a6bf817d20cfdda8b4423a41456d5cb59cae469948a1c3a16853de68
2e59a2c3c4e0f118a58ce3cd785583dd9ccd396f1c572e2fc7a2e22c315c1519
2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2
30d35f01e21d2c9598b7849a173ae6b8cab8e867d77f325d7b615b85e23cac70
3202a391ae90475f701a4be7dcc1ee847b2f063182e787235eabcdf4f7fe12e2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378148320dbcf88a247e947cee3fbd6ca80cc23b6c0df0a2f911428e8b80287
34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb
368e4f21464d4b2d66588527d35913317a9d88e542474eced7273b70ff27a54e
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
372c79e9569ebaae5040b8550b42ab1add3ef51ae32c31faa2f9eeb899be1970
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c76e7eb528d38273c0486eec3b76a32a2d8e5c268cd0b49c3f88fea7febadba
3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127
3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca
3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece
3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61
3ed1f78a1ee89c913a730637376afbd17148beec7eca98ed43e46713bb585898
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
420c56b4f7cab54c237b047f3361c1ce47cab4bb845afe749075fbc256fbff66
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be
436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a
43b85f6afc4c35f33e6cc583841f3cbbd25134696d07850961da139f8e2124b4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
489eee4990ef1237c2d085d43b123c09221f91d6b6260aa2201cd0f54bdc0f0c
49f6e2bdf62cf39ffed2f768f85e050497a9f96541727d613c701d4db81431a7
4b7c1451b1ff83e045495299fc178702b790ce020113403617627307a426814c
4b8ada87f6e9500e167b6afbc808f611d85788ae0b1119f75c5e2a3939480b04
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4d0de74e81698b47a6775351787fbf12792561b48170d526f13b4100d93473ea
4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a
4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f
51e4dcb3859308401c922d20f0c9b7f154b008c04c6aedb92fc2464954e8e99d
52da00e00181b5732e82addceccf2fbc327a44aa5b38181e41d3613adaa055ed
53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b
545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52
555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578595ef61ce6b4e5bdc0a27699977f0b64cf5b32cc3b985ac8406932aca2458
57af4c52e4685a12a11e78468baf0476c726a1a1dfe797b1745c781d0df819b8
585ffcb241bbfefd7a9577c7f2183e8304e719ffa1b0efbf3bda766cc28b6c60
58fe7c1213f604098a503e24db6342196185c7852d848c2dd82ffc97e058a570
594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc
59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e
5b03169fe8813321962663c79c8038763f0e7e73e3f1ddabc3334ac58877c0ef
5bd347e9dae9ec34879d4efd95c533f3772e972964d47edceb1297c03e086805
5ca44a1643b25bd0b4b266e1d1a27fd6708f6469dcc571b9295384906aaca56c
5df8f41eaad006645791ebb83e9f1f3158c720749ef7f5958b177d124feec53d
5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dc6f510a3954f5fdff720a83b9dd166a7b61a2280aadc61605cc68e3466838
62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613
6601111fe9419c45ddae9cfc88a073ed7e0a0223c655682000e1637da0bcbc36
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
6660d021cb61bf85a010f2d5255188935ae90360558494eb9e2412fd3728d7b4
6689ee6aca536ddbfb900af1890b6392651ec8e3fc583511ad08d480cf5802e5
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67c9a47d1877c80006b4f99fd6a64a855cd29eee36577fd1554871cc2aed9035
6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6c290af6ad449b8fb63f0ac82b9195d1ec70c429a9205382a2a2ad487e5f7622
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6dbec6d796db1b8f7a7a02af4f31910f7cfe4a234aa11139c5587552eac84524
6dcd0ecf0aff08f6f793db3e75a2445b965655a3ee9ccfae0564280edcc1553f
6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1
6f38da290ae619a775fe2178fe3e0f9fd4198feacdacdc8f29be7a6ea3f02c3f
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8
7434bafc7e74edc25e9c841e69240ec425cfeff1681de4d7cecc9f1d99c3747c
752fa0a3ccccbb7cdc29fe4ac63ba88c973f6e64e4d97a9266dd07ef84783676
7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924
77462e82e9a4e449d207373d19e12834cb6d35b1ac7859aed7724697383b06ec
786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9
7b2f4aa693165e13ec89db89e9abd5d541180f8ec465501e9f2143520a5f16ad
7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376
7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7
7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2
7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600
7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
81396e680524ad2f2e208ca675b00071f77a74cf6e5a3b2334351f5b864ced50
84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c
86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8db3a9d83cae52ad594d7a6798378769e28b205fed2145a0785a9674017ad83f
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a
8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
9577e4d5aa2515c7ba2fe8aac6fe139dad976326cd5340695ecad274fa7bf4c8
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9bed13c8737243a92036b6ce7476212ce02141339f9e8bf2d31d76e8a138dcc5
9c84ba7f6dad43224738e0b6c95399f02790a1007c1f676c6c10ccbcb1506f02
9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c
9d6f7c0eb177ae649532c21cf0067bc3c7d22da82ed04acfa8b0428ec49f4eec
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e161b521aceb5cfdd1224bfb44ce5ba357f1810d0b39adc061d255f2d290708
9faf12545ac33b8f9993f35aed9dd365dcf005e984c69a248f492602e9f62a67
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a
a4158059621512441b8a6e9b8eeb01e86d6e44a06f9fb7727f8dfb28e4ce9a8e
a42d598fd677bfe3f3116c10569ff348b4787f27da4e12caff4d3fe008c4fbaa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58080263632a1b0942ad515496b87d687c12c85caf72cda26d6773ceb66b0f0
a6cd4d07c830ae0db165fec192c436377330f093ce97fbe6af19c41ccee5ae83
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77428f10186243bd77f195dda059cea49c4492d02a05521f9c88e25248dac0e
a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219
a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94
abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c
af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7
b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6
b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b376c9881895dfd02b1b235336bc4c2a8add3bb2274b45967723ed92cded0344
b50eae43849339bf88a263ee04be7bcab8bbe170d2b81edc69bf44473cda0f36
b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c
b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4
b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6
badf5ebd0cf9a1624cf8060b92dd47b229910c1eb6c892effe2b6a8485b966d4
bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3
bbe7b6e6013f03257b5dc02155b8f5d06e4b53444ce0eb3c5e08e22fcf860647
bcbe335455fd51fe762c98c879b2abc933226759ba73e63e1b77fa31cdcd11fa
beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
bf96e1d997f022dc7c2bc5877b3e9fc69a085f4e489e24136721233e10c75a7e
c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159
c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403
c28a3278bc8de677e62d0e1a95ef15ab72e8de88e683cd76ff27fc82f26b4a45
c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d
c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c
c72466ecdd5f2dcb3b76e7350d19ff0b2e5c0b11586591538b9e90c059cb92e2
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c9a15506556834fcb140633442b3f233c868bd7edb365c951555d429f608caeb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5
d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3
d4371cd54f95df78413d69b3669f541f0303fd08f5d3cd91b900cac912b77be1
d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc
d57548726a25fa0f0f76ed4ab597fce90ac91d6c6968bffd2f1b703efa3a161a
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235
e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eaa4a94ea300e0d2c775968cbe42f0b5b51ceafdeb73d64e9efddf6d4e880865
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461
edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461
efe65a393688c9192f53dafcb2ca6f7191779332185c53e57e1a4185b5b438aa
f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a
f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f40ef676d07c47cbb355c2dbb4f9014c8d9c7ac5d64ee38203674958abb0b3bd
f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca
f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586
fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376
fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

www.stripes.com Open in urlscan Pro 3.33.168.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

349 Requests

97 %HTTPS

44 %IPv6

46 Domains

91 Subdomains

80 IPs

7 Countries

9219 kBTransfer

19308 kBSize

55 Cookies

62 Outgoing links

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

97 %
HTTPS

44 %
IPv6

46
Domains

91
Subdomains

80
IPs

7
Countries

9219 kB
Transfer

19308 kB
Size

55
Cookies

349 HTTP transactions
7 data transactions