www.celestialseasonings.com Open in urlscan Pro
149.126.77.152 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Submission: On March 11 via manual (March 11th 2020, 11:46:47 am UTC) from US

Summary HTTP 87 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 23 domains to perform 87 HTTP transactions. The main IP is 149.126.77.152, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.celestialseasonings.com.

This is the only time www.celestialseasonings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	149.126.77.152 149.126.77.152	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
3 4	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
3	93.184.220.12 93.184.220.12	15133 (EDGECAST) (EDGECAST)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
5 8	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:190::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	91.228.74.203 91.228.74.203	27281 (QUANTCAST) (QUANTCAST)
2	34.208.178.19 34.208.178.19	16509 (AMAZON-02) (AMAZON-02)
1	52.4.47.144 52.4.47.144	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
10	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:214... 2600:9000:214f:1200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	23.210.248.189 23.210.248.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	91.228.74.217 91.228.74.217	27281 (QUANTCAST) (QUANTCAST)
1 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.31.128.128 185.31.128.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
3 3	185.31.128.129 185.31.128.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
87	28

37 149.126.77.152 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.152.ip.incapdns.net

www.celestialseasonings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.hcgweb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.236.204 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.12 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cache.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

5450232.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.166 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

5923702.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9050438.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:190::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.203 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.208.178.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-178-19.us-west-2.compute.amazonaws.com

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.47.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-47-144.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:1200:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-189.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.217 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.128.128 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

20821036p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.31.128.129 (Netherlands) 3 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20821049p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	celestialseasonings.com www.celestialseasonings.com	4 MB
15	doubleclick.net 8 redirects 5450232.fls.doubleclick.net stats.g.doubleclick.net 5923702.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 9050438.fls.doubleclick.net	6 KB
10	facebook.com www.facebook.com	1 KB
7	vindicosuite.com 3 redirects mpp.vindicosuite.com cache.vindicosuite.com	4 KB
4	rfihub.com 4 redirects 20821036p.rfihub.com a.rfihub.com 20821049p.rfihub.com	5 KB
4	adnxs.com 1 redirects secure.adnxs.com ib.adnxs.com	4 KB
4	quantserve.com 2 redirects edge.quantserve.com pixel.quantserve.com	7 KB
4	facebook.net connect.facebook.net	368 KB
3	googletagmanager.com 1 redirects www.googletagmanager.com	69 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	884 B
2	pinterest.com ct.pinterest.com	642 B
2	google.com www.google.com adservice.google.com	219 B
2	quantcount.com 1 redirects rules.quantcount.com	777 B
2	yimg.com s.yimg.com	6 KB
2	rezync.com live.rezync.com	2 KB
2	pinimg.com s.pinimg.com	17 KB
2	googleapis.com ajax.googleapis.com	59 KB
1	google.de www.google.de	110 B
1	googleadservices.com www.googleadservices.com	10 KB
1	xad.com bidagent.xad.com	342 B
1	yahoo.com sp.analytics.yahoo.com	822 B
1	hcgweb.net resources.hcgweb.net	1 KB
87	23

	Domain	Requested by
36	www.celestialseasonings.com	www.celestialseasonings.com
10	www.facebook.com	www.celestialseasonings.com
6	5923702.fls.doubleclick.net	3 redirects www.googletagmanager.com
4	connect.facebook.net	www.celestialseasonings.com connect.facebook.net
4	mpp.vindicosuite.com	3 redirects www.celestialseasonings.com
3	www.googletagmanager.com	1 redirects www.celestialseasonings.com www.googletagmanager.com
3	www.google-analytics.com	2 redirects www.celestialseasonings.com
3	cache.vindicosuite.com	www.celestialseasonings.com
2	9050438.fls.doubleclick.net	2 redirects
2	ib.adnxs.com	www.celestialseasonings.com
2	pixel.rubiconproject.com	2 redirects
2	a.rfihub.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	1 redirects www.celestialseasonings.com
2	pixel.quantserve.com	1 redirects www.celestialseasonings.com
2	ct.pinterest.com	s.pinimg.com www.celestialseasonings.com
2	rules.quantcount.com	1 redirects www.celestialseasonings.com
2	s.yimg.com	www.celestialseasonings.com s.yimg.com
2	live.rezync.com	www.googletagmanager.com
2	edge.quantserve.com	1 redirects www.celestialseasonings.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	stats.g.doubleclick.net	www.celestialseasonings.com
2	5450232.fls.doubleclick.net	1 redirects www.celestialseasonings.com
2	ajax.googleapis.com	www.celestialseasonings.com
1	20821049p.rfihub.com	1 redirects
1	adservice.google.com	www.celestialseasonings.com
1	20821036p.rfihub.com	1 redirects
1	www.google.de	www.celestialseasonings.com
1	www.google.com	www.celestialseasonings.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	bidagent.xad.com	www.celestialseasonings.com
1	sp.analytics.yahoo.com	www.celestialseasonings.com
1	resources.hcgweb.net	www.celestialseasonings.com
87	34

This site contains links to these domains. Also see Links.

Domain
shop.celestialseasonings.com
www.facebook.com
twitter.com
pinterest.com
instagram.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.vindicosuite.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-21`	3 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-06` - `2020-04-03`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.rezync.com Amazon	`2019-12-12` - `2021-01-12`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-25` - `2020-04-10`	a month	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Frame ID: B1C3AEA2501EF917CDF8FAF2B6234D8E
Requests: 83 HTTP requests in this frame

Frame: https://5450232.fls.doubleclick.net/activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076
Frame ID: A87D930054CDFC0CC6C6ACCF4059C885
Requests: 1 HTTP requests in this frame

Frame: http://5923702.fls.doubleclick.net/activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic
Frame ID: 8715508451A7E2B8D951D334005BDD66
Requests: 1 HTTP requests in this frame

Frame: http://5923702.fls.doubleclick.net/activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic
Frame ID: 4FCAE32077BA75879DDF71D4B06B37FB
Requests: 1 HTTP requests in this frame

Frame: http://5923702.fls.doubleclick.net/activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic
Frame ID: 9C75B493CD6053FBCA2AD494847089CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

87
Requests

51 %
HTTPS

45 %
IPv6

23
Domains

34
Subdomains

28
IPs

8
Countries

4583 kB
Transfer

6430 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://shop.celestialseasonings.com/
Title: Buy Online

Search URL Search Domain Scan URL

URL: http://shop.celestialseasonings.com/Sleepytime-Herbal-Tea/p/CEL-000034&c=CelestialSeasonings@Sleepytime
Title: Buy online › Free shipping over $49!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CelestialSeasonings
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/CelestialTea
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/celestialtea
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://instagram.com/celestialtea/
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://mpp.vindicosuite.com/conv/v=5;m=1;t=21169;ts=%3Ctimestamp_here%3E HTTP 302
https://cache.vindicosuite.com/creative/blank.gif

Request Chain 22

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 26

http://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Request Chain 27

https://5450232.fls.doubleclick.net/activityi;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076 HTTP 302
https://5450232.fls.doubleclick.net/activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076

Request Chain 30

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1964351838&gjid=877626902&cid=1005166168.1583927188&tid=UA-18223010-7&_gid=350612380.1583927188&_r=1&z=510403098 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1964351838&gjid=877626902&cid=1005166168.1583927188&tid=UA-18223010-7&_gid=350612380.1583927188&_r=1&z=510403098 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=1005166168.1583927188&jid=1964351838&_gid=350612380.1583927188&gjid=877626902&_v=j81&z=510403098

Request Chain 31

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic HTTP 302
http://5923702.fls.doubleclick.net/activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic

Request Chain 32

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic HTTP 302
http://5923702.fls.doubleclick.net/activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic

Request Chain 33

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic HTTP 302
http://5923702.fls.doubleclick.net/activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic

Request Chain 35

http://edge.quantserve.com/quant.js HTTP 301
https://edge.quantserve.com/quant.js

Request Chain 39

http://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=22511&pixid=99104829&rnd=%3Ctimestamp_here%3E&gtmcb=1792402522 HTTP 302
https://cache.vindicosuite.com/creative/blank.gif

Request Chain 40

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=531636541&gjid=1691612138&cid=257844941.1583927188&tid=UA-18223010-7&_gid=243709535.1583927188&_r=1&gtm=2wg2q2WNH9SS&z=180341803 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=531636541&gjid=1691612138&cid=257844941.1583927188&tid=UA-18223010-7&_gid=243709535.1583927188&_r=1&gtm=2wg2q2WNH9SS&z=180341803 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=257844941.1583927188&jid=531636541&_gid=243709535.1583927188&gjid=1691612138&_v=j81&z=180341803

Request Chain 41

http://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=22511&pixid=99104829&rnd=%3Ctimestamp_here%3E HTTP 302
https://cache.vindicosuite.com/creative/blank.gif

Request Chain 59

http://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js HTTP 301
https://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js

Request Chain 78

http://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1;fpa=P0-1889456282-1583927188234;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1583927188234;tzo=-60;ogl= HTTP 301
https://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1;fpa=P0-1889456282-1583927188234;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1583927188234;tzo=-60;ogl=

Request Chain 79

https://secure.adnxs.com/seg?add=16554065&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16554065%26t%3D2

Request Chain 80

https://20821036p.rfihub.com/ca.gif?rb=40316&ca=20821036&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=40316&_t=20821036 HTTP 302
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTU4MjI0MTIxNzM2NDMzMzcyNw==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582241217364333727%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1582241217364333727https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1582241217364333727%252526forward%25253D HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582241217364333727%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1582241217364333727https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1582241217364333727%252526forward%25253D&google_gid=CAESEOGQPLnidnvqL4o5VeJL5dI&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582241217364333727&expires=30&next=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582241217364333727https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D1582241217364333727%2526forward%253D HTTP 302
https://ib.adnxs.com/setuid?entity=18&code=1582241217364333727https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1582241217364333727%26forward%3D

Request Chain 81

https://9050438.fls.doubleclick.net/activity;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://9050438.fls.doubleclick.net/activity;dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 82

https://20821049p.rfihub.com/ca.gif?rb=40316&ca=20821049&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=40316&_t=20821049 HTTP 302
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTA0MTI0NjMzNDU1MzU1NTEyNg==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1041246334553555126%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1041246334553555126https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1041246334553555126%252526forward%25253D HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1041246334553555126%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1041246334553555126https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1041246334553555126%252526forward%25253D&google_gid=CAESEOGQPLnidnvqL4o5VeJL5dI&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1041246334553555126&expires=30&next=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1041246334553555126https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D1041246334553555126%2526forward%253D HTTP 302
https://ib.adnxs.com/setuid?entity=18&code=1041246334553555126https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1041246334553555126%26forward%3D

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set sleepytime-classic Show response
www.celestialseasonings.com/products/herbal/ 145 KB
34 KB 627ms
597ms Document
text/html 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Server

149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.152.ip.incapdns.net

Software

Apache/2.2.3 (CentOS) / PHP/5.4.45

Resource Hash

ef04efcc33d1cddfcc199149e3c62a6871a9f2649f8f951abf9cab2f33c66dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Host: www.celestialseasonings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Content-Type-Options: nosniff nosniff
X-Powered-By: PHP/5.4.45
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Language: en
X-Generator: Drupal 7 (http://drupal.org)
Link: <http://www.celestialseasonings.com/products/herbal/sleepytime-classic>; rel="canonical",<http://www.celestialseasonings.com/node/817>; rel="shortlink"
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Set-Cookie: visid_incap_478773=vez1AmqVR6aMEksldEDlDJHPaF4AAAAAQUIPAAAAAADE1g8EvOUgXWK3/VtyUGrl; expires=Thu, 11 Mar 2021 07:27:02 GMT; HttpOnly; path=/; Domain=.celestialseasonings.com nlbi_478773=J5jWFXL2WxdXhU/OShG7pQAAAACHMxaFOKuwnJlXDO3u/K16; path=/; Domain=.celestialseasonings.com incap_ses_536_478773=eCWaZmBdnmaVbXKb6EdwB5HPaF4AAAAA+SwFENu6TgQ1zWyx8bUXeQ==; path=/; Domain=.celestialseasonings.com ___utmvmXauyosE=fcDFoMDuucY; path=/; Max-Age=900 ___utmvaXauyosE=pMdutge; path=/; Max-Age=900 ___utmvbXauyosE=dZK XcAOialW: otH; path=/; Max-Age=900
X-CDN: Incapsula
Content-Encoding: gzip
X-Iinfo: 10-33094038-33094040 NNYN CT(128 -1 0) RT(1583927185374 1) q(0 0 2 0) r(6 6) U18

GET
H/1.1 200
OK system.base.css
www.celestialseasonings.com/modules/system/ 3 KB
2 KB 16ms
10ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/system/system.base.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 9b884a660da6f9d4c557eeebb2d54b4d04de26468ea3f2c8d3af5165e329b05d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2017 18:44:49 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 0) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727671, public
Content-Length: 1045
Expires: Thu, 19 Mar 2020 21:54:17 GMT

GET
H/1.1 200
OK date.css
www.celestialseasonings.com/sites/all/modules/date/date_api/ 3 KB
2 KB 15ms
9ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/date/date_api/date.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 31f098fc5be101d522594a2c6c7ae736aa94d4ddccd70696fa5fda7550d38380

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:29 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 0) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 841
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK ctools.css
www.celestialseasonings.com/sites/all/modules/ctools/css/ 439 B
1 KB 16ms
10ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/ctools/css/ctools.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: a61437b7ab10f7fa75b43c3a1a433ca0f6b7083ce43da21285c791fc0da82227

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:33 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515916-0 0CNN RT(1583927186231 1) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 231
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK system.menus.css
www.celestialseasonings.com/modules/system/ 1 KB
1 KB 15ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/system/system.menus.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 7161f9a7a69c873ab8debe586c93b254a41c916c7809e7b24125796133bdd034

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:20 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 4-23544843-0 0CNN RT(1583927186233 0) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25353, public
Content-Length: 514
Expires: Wed, 11 Mar 2020 18:48:59 GMT

GET
H/1.1 200
OK system.messages.css
www.celestialseasonings.com/modules/system/ 735 B
1 KB 15ms
9ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/system/system.messages.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 833ca5114ed0193dbb09879b437f1f34cfaa58be677a96d84b40ad78d11dc1c3

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:20 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 0-4195695-0 0CNN RT(1583927186233 0) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727671, public
Content-Length: 305
Expires: Thu, 19 Mar 2020 21:54:17 GMT

GET
H/1.1 200
OK system.theme.css
www.celestialseasonings.com/modules/system/ 2 KB
2 KB 23ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/system/system.theme.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: d074ea92effb73eec2b042be500c19e7eab4aec9bf7e8656ce77369dd359a0c6

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:20 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 10) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 915
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK field.css
www.celestialseasonings.com/modules/field/theme/ 418 B
1020 B 26ms
10ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/field/theme/field.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 0d35a144d5f1ec7545b39c2c7d627cc524e91d87e7019f5b6259274afa5f63ae

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:22 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 12) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727672, public
Content-Length: 184
Expires: Thu, 19 Mar 2020 21:54:18 GMT

GET
H/1.1 200
OK node.css
www.celestialseasonings.com/modules/node/ 119 B
937 B 23ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/node/node.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 3a1b0fc9ca13614d4daea01dfe033be9fa630b2d92fc3ca6d79e42aba3f24fd4

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:23 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515916-0 0CNN RT(1583927186231 11) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727672, public
Content-Length: 101
Expires: Thu, 19 Mar 2020 21:54:18 GMT

GET
H/1.1 200
OK picture_wysiwyg.css
www.celestialseasonings.com/sites/all/modules/picture/ 318 B
995 B 23ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/picture/picture_wysiwyg.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 31dc3edabb9080de7c263f3b572f90287528b8ef8db0d5ccc675ed214b1c3af4

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:28 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 4-23544843-0 0CNN RT(1583927186233 9) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 161
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK search.css
www.celestialseasonings.com/modules/search/ 421 B
1 KB 24ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/search/search.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 004558b2b0c1e5631c22e5043cf90645efa3ba4a019fde777887484ce82cf3bf

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:21 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 0-4195695-0 0CNN RT(1583927186233 9) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 195
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK user.css
www.celestialseasonings.com/modules/user/ 1 KB
1 KB 32ms
7ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/modules/user/user.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 1db0396fabcf67c6bfabe93d1a6ac3435e4bd3e2c508472fa13d89dda2931a1e

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:24 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 20) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 525
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK views.css
www.celestialseasonings.com/sites/all/modules/views/css/ 509 B
1 KB 33ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/views/css/views.css?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 3815d1867e1fe262308f339b0dd2f1fd59ca639a502ec0a9452399f906b6718a

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2016 22:50:22 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 2-11515916-0 0CNN RT(1583927186231 21) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 230
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 01:12:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1334037
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29725
X-XSS-Protection: 0
Expires: Wed, 24 Feb 2021 01:12:30 GMT

GET
H/1.1 200
OK jquery.once.js Show response
www.celestialseasonings.com/misc/ 466 B
607 B 9ms
8ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/misc/jquery.once.js?v=1.2
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: b105ea919a03bbb57b02fa705661ad8a4cb4b34ab8b4fd8be5e083dbc042f2c5

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 May 2014 15:12:43 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 2-11515916-0 0CNN RT(1583927186231 374) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 252
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK drupal.js Show response
www.celestialseasonings.com/misc/ 5 KB
2 KB 9ms
9ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/misc/drupal.js?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 1dc64b0c2558c520047786608c62a39ff311854e104225a8d0d62f03f5663dfe

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:38 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 375) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727671, public
Content-Length: 2053
Expires: Thu, 19 Mar 2020 21:54:17 GMT

GET
H/1.1 200
OK mailform_v2.js Show response
resources.hcgweb.net/rtags/js/ 571 B
1 KB 75ms
27ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.hcgweb.net/rtags/js/mailform_v2.js?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 80854f8660aca53994871df3707c38d75707ae134b7733d735031b5a503d931a

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 19:17:32 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 3-16498622-16446622 2CNN RT(1583927186653 0) q(0 0 0 0) r(0 0)
Cache-Control: max-age=84468, public
Content-Length: 278
Expires: Thu, 12 Mar 2020 11:14:14 GMT

GET
H/1.1 200
OK googleanalytics.js Show response
www.celestialseasonings.com/sites/all/modules/google_analytics/ 3 KB
1 KB 9ms
8ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/google_analytics/googleanalytics.js?p23rnl
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: b906eabbebdb01037ceeace864545d31d1da5dfd359d7547c0c5535aa2d08250

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2015 17:18:57 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 374) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 822
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H/1.1 200
OK flexslider.css
www.celestialseasonings.com/sites/all/modules/woocommerce-FlexSlider-0690ec2/ 7 KB
2 KB 8ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/woocommerce-FlexSlider-0690ec2/flexslider.css
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: a32de391724acfeabb9e2f11cdd3c87ef10199c750f9fd16ea0b0c85f1166c8a

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 May 2017 18:58:40 GMT
X-CDN: Incapsula
Etag: "12847069"
Content-Type: text/css
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 496) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25354, public
Content-Length: 1568
Expires: Wed, 11 Mar 2020 18:49:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 23 Jan 2020 18:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4122527
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jan 2021 18:37:40 GMT

GET
H/1.1 200
OK jquery.flexslider.js Show response
www.celestialseasonings.com/sites/all/modules/woocommerce-FlexSlider-0690ec2/ 31 KB
8 KB 9ms
8ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/woocommerce-FlexSlider-0690ec2/jquery.flexslider.js
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 8b77a177598cdb67ff5bfd0dc942dbddd8760a72f3d828750154aaac56b91309

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 May 2017 17:40:36 GMT
X-CDN: Incapsula
Etag: "272490ff"
Content-Type: application/x-javascript
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 496) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727671, public
Content-Length: 7358
Expires: Thu, 19 Mar 2020 21:54:17 GMT

GET
H2

200

blank.gif
cache.vindicosuite.com/creative/
Redirect Chain

http://mpp.vindicosuite.com/conv/v=5;m=1;t=21169;ts=%3Ctimestamp_here%3E
https://cache.vindicosuite.com/creative/blank.gif

49 B
148 B

9ms
8ms

Image
image/gif

93.184.220.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.vindicosuite.com/creative/blank.gif
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.12 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:30 GMT
last-modified: Mon, 15 May 2017 18:51:23 GMT
server: ECS (fcn/41A4)
age: 135936
etag: "2426206463"
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49
expires: Wed, 18 Mar 2020 11:46:30 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:30 GMT
Via: 1.1 google
Server: 100d7c5a1aa62b9ec933124e58dcf93eaa246ced9ddcba9d0f2d1a0ff1a829a9
Location: https://cache.vindicosuite.com/creative/blank.gif
Access-Control-Allow-Methods: GET, HEAD, POST, TRACE, OPTIONS
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Access-Control-Allow-Origin: *
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Content-Type: text/html;charset=ISO-8859-1
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
822 B 175ms
106ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001546260051&.yp=423232

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

44 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6857
date: Wed, 11 Mar 2020 09:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 11 Mar 2020 11:52:10 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK celestial-seasonings.png
www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/ 13 KB
14 KB 8ms
7ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/celestial-seasonings.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 0d641dd13e8b30c76414713a749f62f36d4ee81391b764725b02abe529ca9fd5

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Tue, 13 Sep 2016 21:34:17 GMT
X-CDN: Incapsula
Etag: "00194e3d"
Content-Type: image/png
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 512) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727671, public
Content-Length: 13618
Expires: Thu, 19 Mar 2020 21:54:17 GMT

GET
H/1.1 200
OK ST_3D_lg.png
www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ 1 MB
1 MB 9ms
9ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ST_3D_lg.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: e4a0b4e81cc603766e094e15f6002c35505f9ea4eb05d1adbc7f6dead6de09c6

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Tue, 04 Sep 2018 17:10:02 GMT
X-CDN: Incapsula
Etag: "c940f8b6"
Content-Type: image/png
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 512) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=695434, public
Content-Length: 1281771
Expires: Thu, 19 Mar 2020 12:57:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: CATpyjyH3XesWSH9vbnwDq4caTLqMMMlyy5d/sxNQSCp5rZfkLbIuGVYKHmNXmqbw3f7MUFsWSBk9ObBi2nBzw==
x-fb-trip-id: 420120009
date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS
https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

150 KB
41 KB

16ms
15ms

Script
application/javascript

2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7296f93ce6b444bbd1ae8e383258b52bc1565d3a960c85d435d5f8367e3df68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41544
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Mar 2020 11:46:27 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS
Date: Wed, 11 Mar 2020 11:46:27 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076
5450232.fls.doubleclick.net/ Frame A87D
Redirect Chain

https://5450232.fls.doubleclick.net/activityi;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076?
https://5450232.fls.doubleclick.net/activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076?

0
0

19ms
18ms

Document
text/html

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5450232.fls.doubleclick.net/activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076?

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5450232.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 11 Mar 2020 11:46:27 GMT
expires: Wed, 11 Mar 2020 11:46:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 311
x-xss-protection: 0
set-cookie: IDE=AHWqTUnlsvPlvvPciQt33-e4FM9LiOs8-pJ4_QNIE3PdPV3MgBksg2uNteIv8YRD; expires=Mon, 05-Apr-2021 11:46:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 11 Mar 2020 11:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5450232.fls.doubleclick.net/activityi;dc_pre=CN-x98qskugCFQy-dwodP_MO8g;src=5450232;type=;cat=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8961948681505.076?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Mar-2020 12:01:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK / Show response
mpp.vindicosuite.com/mpp/ 2 B
816 B 110ms
104ms Script
application/javascript 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://mpp.vindicosuite.com/mpp/?y=2&t=j&tp=1&clid=22511&pixid=99089258&rnd=%3Ctimestamp_here%3E&u=http%3A//www.celestialseasonings.com/products/herbal/sleepytime-classic&r=
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 35.186.236.204 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: 5510ed3541d838c4631f54134077d59494a997038b9ec86d1c60d6d9fe5e977c /
Resource Hash: e16f1596201850fd4a63680b27f603cb64e67176159be3d8ed78a4403fdb1700

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:27 GMT
Via: 1.1 google
Server: 5510ed3541d838c4631f54134077d59494a997038b9ec86d1c60d6d9fe5e977c
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, POST, TRACE, OPTIONS
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Access-Control-Allow-Origin: *
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: Content-Type
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 1513119858986926 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1513119858986926?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4828864e77a9e999a2d8650d7251c6ce91389c697a21ac1527250a59a72efe5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: BAD5VPAqMQcdWHhF/QT3TWtuNOlHXzP+u4AQ1o0D50niOZ7pq8l/Reh2TMWJC0tjGQit9rrfH8YpG4qFSCjk3A==
x-fb-trip-id: 420120009
date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytim...
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepyti...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=1005166168.1583927188&jid=1964351838&_gid=350612380.1583927188&gjid=877626902&_v=j81&z=510403098

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=1005166168.1583927188&jid=1964351838&_gid=350612380.1583927188&gjid=877626902&_v=j81&z=510403098

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 11 Mar 2020 11:46:27 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=1005166168.1583927188&jid=1964351838&_gid=350612380.1583927188&gjid=877626902&_v=j81&z=510403098
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2F...
5923702.fls.doubleclick.net/ Frame 8715
Redirect Chain

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2...
http://5923702.fls.doubleclick.net/activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.ce...

0
0

17ms
16ms

Document
text/html

172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://5923702.fls.doubleclick.net/activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Protocol

HTTP/1.1

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 5923702.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 413
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://5923702.fls.doubleclick.net/activityi;dc_pre=CNLw-sqskugCFRRFGwodAo4Esg;src=5923702;type=gener0;cat=endtc0;ord=9258098330568;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1

200
OK

activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fprod...
5923702.fls.doubleclick.net/ Frame 4FCA
Redirect Chain

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fpro...
http://5923702.fls.doubleclick.net/activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2...

0
0

18ms
17ms

Document
text/html

172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://5923702.fls.doubleclick.net/activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Protocol

HTTP/1.1

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 5923702.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 418
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://5923702.fls.doubleclick.net/activityi;dc_pre=COX2-sqskugCFQ4aGwodZL4DGg;src=5923702;type=gener0;cat=endtc00;ord=1;num=7970097441750;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1

200
OK

activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%...
5923702.fls.doubleclick.net/ Frame 9C75
Redirect Chain

http://5923702.fls.doubleclick.net/activityi;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts...
http://5923702.fls.doubleclick.net/activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww....

0
0

22ms
21ms

Document
text/html

172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://5923702.fls.doubleclick.net/activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Protocol

HTTP/1.1

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 5923702.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 414
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 11 Mar 2020 11:46:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://5923702.fls.doubleclick.net/activityi;dc_pre=COL0-sqskugCFddsGwodKtsNKA;src=5923702;type=gener0;cat=endtc005;ord=5419408302199;gtm=2wg2q2;auiddc=1906144446.1583927188;~oref=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
729 B 162ms
150ms Script
application/javascript 2a02:26f0:6c00:190::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:190::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "fdf03ac619d384023432225dbd221b25"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=7200
x-fallback: 3578417-2.16.187.29
accept-ranges: bytes
content-length: 563

GET
H/1.1

200
OK

quant.js Show response
edge.quantserve.com/
Redirect Chain

http://edge.quantserve.com/quant.js
https://edge.quantserve.com/quant.js

13 KB
6 KB

99ms
74ms

Script
application/x-javascript

91.228.74.203
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.quantserve.com/quant.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.203 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11-Mar-2020 11:46:27 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Wed, 18 Mar 2020 11:46:27 GMT

Redirect headers

Location: https://edge.quantserve.com/quant.js
Date: Wed, 11 Mar 2020 11:46:27 GMT
Cache-Control: private, no-transform, max-age=86400
Server: QS
Connection: keep-alive
Content-Length: 0
Expires: Thu, 12 Mar 2020 11:46:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1015057431

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06dce75cf7c9510ab0eb4618ea50d43ca632cbb8776003d38b01a3c7113f3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H/1.1 200
OK sync Show response
live.rezync.com/ 395 B
1012 B 712ms
179ms Script
application/javascript 34.208.178.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2b61d3ba534e761302b23b2fb43b0717&k=landing_page
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.178.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-178-19.us-west-2.compute.amazonaws.com
Software: lighttpd/1.4.33 /
Resource Hash: 795c7939352472a3ee22eed91983ee599b67000368e49fd514927f4b53a766a3

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 11 Mar 2020 11:46:28 GMT
Server: lighttpd/1.4.33
Connection: keep-alive
Content-Length: 395
content-type: application/javascript

GET
H/1.1 200
OK sync Show response
live.rezync.com/ 149 B
766 B 740ms
187ms Script
application/javascript 34.208.178.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2b61d3ba534e761302b23b2fb43b0717&k=celestial-seasonings-sleepytime-lp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNH9SS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.178.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-178-19.us-west-2.compute.amazonaws.com
Software: lighttpd/1.4.33 /
Resource Hash: 480e8097f28392aba36d52edd3b1688a3b30785da90affb587fd339fcbd1cbfa

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 11 Mar 2020 11:46:28 GMT
Server: lighttpd/1.4.33
Connection: keep-alive
Content-Length: 149
content-type: application/javascript

GET
H2

200

blank.gif
cache.vindicosuite.com/creative/
Redirect Chain

http://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=22511&pixid=99104829&rnd=%3Ctimestamp_here%3E&gtmcb=1792402522
https://cache.vindicosuite.com/creative/blank.gif

49 B
221 B

30ms
7ms

Image
image/gif

93.184.220.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.vindicosuite.com/creative/blank.gif
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.12 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Mon, 15 May 2017 18:51:23 GMT
server: ECS (fcn/41A4)
age: 135933
etag: "2426206463"
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49
expires: Wed, 18 Mar 2020 11:46:27 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:27 GMT
Via: 1.1 google
Server: 649ed602c418575d0c5a322423c9132754450096807635440d867d55f1da2850
Location: https://cache.vindicosuite.com/creative/blank.gif
Access-Control-Allow-Methods: GET, HEAD, POST, TRACE, OPTIONS
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Access-Control-Allow-Origin: *
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Content-Type: text/html;charset=ISO-8859-1
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepytim...
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1245666250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&ul=en-us&de=UTF-8&dt=Sleepyti...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=257844941.1583927188&jid=531636541&_gid=243709535.1583927188&gjid=1691612138&_v=j81&z=180341803

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=257844941.1583927188&jid=531636541&_gid=243709535.1583927188&gjid=1691612138&_v=j81&z=180341803

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 11 Mar 2020 11:46:27 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18223010-7&cid=257844941.1583927188&jid=531636541&_gid=243709535.1583927188&gjid=1691612138&_v=j81&z=180341803
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

blank.gif
cache.vindicosuite.com/creative/
Redirect Chain

http://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=22511&pixid=99104829&rnd=%3Ctimestamp_here%3E
https://cache.vindicosuite.com/creative/blank.gif

49 B
102 B

33ms
10ms

Image
image/gif

93.184.220.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.vindicosuite.com/creative/blank.gif
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.12 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Mon, 15 May 2017 18:51:23 GMT
server: ECS (fcn/41A4)
age: 135933
etag: "2426206463"
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49
expires: Wed, 18 Mar 2020 11:46:27 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:26 GMT
Via: 1.1 google
Server: 9973c0371253ee01840135c69093500623fc4339d499ea4ee8dd636ce5700251
Location: https://cache.vindicosuite.com/creative/blank.gif
Access-Control-Allow-Methods: GET, HEAD, POST, TRACE, OPTIONS
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Access-Control-Allow-Origin: *
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Content-Type: text/html;charset=ISO-8859-1
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK 184451
bidagent.xad.com/conv/ 42 B
342 B 186ms
179ms Image
image/gif 52.4.47.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bidagent.xad.com/conv/184451?ts=%pord=!?
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 52.4.47.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-47-144.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK HalisR-Light-webfont.woff
www.celestialseasonings.com/sites/all/themes/cs2015/assets/font/ 29 KB
30 KB 8ms
8ms Font
application/octet-stream 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/font/HalisR-Light-webfont.woff
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: d51fdf2e95d158af3ec82178ee946323aa4b7a58cdc972909e4122a63d9e8782

Request headers

Origin: http://www.celestialseasonings.com
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:19 GMT
X-CDN: Incapsula
Etag: "bb6a3c7a"
Content-Type: text/plain; charset=UTF-8
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 594) q(0 -1 -1 0) r(0 -1)
Cache-Control: max-age=727673, public
Content-Length: 29620
Expires: Thu, 19 Mar 2020 21:54:19 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 16ms
16ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1015057431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9953
x-xss-protection: 0
server: cafe
etag: 242256469415106277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H/1.1 200
OK STL_FV.png
www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ 1 MB
1 MB 9ms
9ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/product/STL_FV.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 272def909c0f990708c74355ff1d2f7413e1bfb5cf6d264155652b000c718ef0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Thu, 19 Jul 2018 20:19:23 GMT
X-CDN: Incapsula
Etag: "b0ee730c"
Content-Type: image/png
X-Iinfo: 2-11515916-0 0CNN RT(1583927186231 644) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=28716, public
Content-Length: 1434950
Expires: Wed, 11 Mar 2020 19:45:02 GMT

GET
H/1.1 200
OK STE_ff_med.png
www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ 403 KB
404 KB 8ms
8ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/product/STE_ff_med.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 0d2018071070d525ceb9d5423d2b6635f40c7a585903664a398a30c4374c109c

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Tue, 04 Sep 2018 17:39:16 GMT
X-CDN: Incapsula
Etag: "14382de0"
Content-Type: image/png
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 651) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=695433, public
Content-Length: 413182
Expires: Thu, 19 Mar 2020 12:56:59 GMT

GET
H/1.1 200
OK CS_STM_20CT_FrontView_2016_LoRes.jpg
www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ 454 KB
455 KB 8ms
8ms Image
image/jpeg 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/product/CS_STM_20CT_FrontView_2016_LoRes.jpg
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: a09012d6898a9b7ed133cac2728ab1e573ba7e64156fd9540089f82e8c581da7

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Wed, 10 Aug 2016 21:28:10 GMT
X-CDN: Incapsula
Etag: "e31e31c0"
Content-Type: image/jpeg
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 666) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=361456, public
Content-Length: 465136
Expires: Sun, 15 Mar 2020 16:10:42 GMT

GET
H/1.1 200
OK CS_STH_20CT_FrontView_060116.jpg
www.celestialseasonings.com/sites/celestialseasonings.com/files/product/ 124 KB
124 KB 43ms
42ms Image
image/jpeg 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/product/CS_STH_20CT_FrontView_060116.jpg
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 721fb39b35dba91a71b3ea0a51a27a5ca9b3d7810b5af3cdc8ff3a3bd8b2195e

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Last-Modified: Wed, 10 Aug 2016 21:17:46 GMT
X-CDN: Incapsula
Etag: "c81787bc"
Content-Type: image/jpeg
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 672) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=688219, public
Content-Length: 127044
Expires: Thu, 19 Mar 2020 10:56:45 GMT

GET
H/1.1 200
OK picturefill.min.js Show response
www.celestialseasonings.com/sites/all/modules/picture/picturefill2/ 7 KB
4 KB 11ms
10ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/picture/picturefill2/picturefill.min.js?v=2.3.1
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: b944ad08c6c8ff210ebe0c2453aa821e41d1c9ae11ec1be565ede75804e3436f

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:28 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 633) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=727672, public
Content-Length: 3137
Expires: Thu, 19 Mar 2020 21:54:18 GMT

GET
H/1.1 200
OK picture.min.js Show response
www.celestialseasonings.com/sites/all/modules/picture/ 605 B
692 B 8ms
7ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/modules/picture/picture.min.js?v=7.41
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: bf2364982129bcf63d6f34ceb0d05ac8e8b131280b3bd24493b3e5073c439dc8

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:28 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 642) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25933, public
Content-Length: 337
Expires: Wed, 11 Mar 2020 18:58:39 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.celestialseasonings.com/ 116 KB
17 KB 18ms
17ms Script
application/javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1428577529
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: c2a9335e5cf527303b764e8a19653ce2ae3d20b9d7d56678d678d4e0dc5de0be

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 16997
Content-Type: application/javascript

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 13 KB
5 KB 18ms
18ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Wed, 11 Mar 2020 11:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2426
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 5097
x-amz-id-2: ui5wKfpHRnVrgGv/EKI9nFVriaPe5VJKHExp2K79xfFsFkT9lHZPp0iaigBGpqIuGXAlma+6fHs=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Feb 2020 09:47:57 GMT
server: ATS
etag: "d699f9d2abb1c3bd39981db583d3cf0f-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: 8F062FC686245830
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: mKvbwHik1MhSUT4X3Aour3fBLLG6vD9V
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK HalisR-Bold-webfont.woff
www.celestialseasonings.com/sites/all/themes/cs2015/assets/font/ 29 KB
29 KB 8ms
8ms Font
application/octet-stream 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/font/HalisR-Bold-webfont.woff
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 478d97603dafec04e45691ec7918fea3e54fe5ddc6370eba8568420321048fc7

Request headers

Origin: http://www.celestialseasonings.com
Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 15:02:19 GMT
X-CDN: Incapsula
Etag: "6e812ba9"
Content-Type: text/plain; charset=UTF-8
X-Iinfo: 8-14198159-0 0CNN RT(1583927186231 633) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25355, public
Content-Length: 29325
Expires: Wed, 11 Mar 2020 18:49:01 GMT

GET
H2 200 279101362588388 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/279101362588388?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30efec3aefab775fdb312e6f07e21bb643947a8e10af8b84c62392b97d66a677

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: t+Zhuy3z5sjFw/qWcHtlEw8gvJ7IB9JOPfBVjSO62GE3rSwmn+tiXasxqDgO06B4WQ+llEGLAM5edxWAwuGfsw==
x-fb-trip-id: 420120009
date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1513119858986926&ev=PageView&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187708&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H/1.1 200
OK style.min.css
www.celestialseasonings.com/sites/all/themes/cs2015/assets/css/ 115 KB
14 KB 9ms
8ms Stylesheet
text/css 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/css/style.min.css?v=18
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 1bc4a9cc32c5db9af2da56bbaaafe8bca1b24b878e32adf324bf4ee8ea1b0e45

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 May 2017 18:40:12 GMT
X-CDN: Incapsula
Content-Type: text/css
X-Iinfo: 0-4195695-0 0CNN RT(1583927186233 769) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25934, public
Content-Length: 13959
Expires: Wed, 11 Mar 2020 18:58:41 GMT

GET
H/1.1 200
OK scripts.min.js Show response
www.celestialseasonings.com/sites/all/themes/cs2015/assets/js/ 96 KB
25 KB 9ms
9ms Script
application/x-javascript 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/js/scripts.min.js?v=18
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: b17d7727a4f3c465a307e4ab166dae00f8f49dd13cead65032b6acffca6e51d4

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 19:23:43 GMT
X-CDN: Incapsula
Content-Type: application/x-javascript
X-Iinfo: 0-4195695-0 0CNN RT(1583927186233 744) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=25935, public
Content-Length: 25336
Expires: Wed, 11 Mar 2020 18:58:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1015057431/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015057431/?random=1583927187765&cv=9&fst=1583927187765&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&tiba=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6e88254d7ab36ef2322c8bcf6f0344e3e95abb0ff9fb5dc22d4913c7f2bdf40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rules-p-XzzL7DN7M4HTd.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js
https://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js

3 B
350 B

407ms
392ms

Script
application/x-javascript

2600:9000:214f:1200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:29 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:41:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 56tF9dMn_ISmDuBWcepmHw2nVBsqitZKCCCkk3ymBm2BkOhygrjWsA==

Redirect headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-XzzL7DN7M4HTd.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: unIPJLpQkRF5o2rvxnKvbjRAgo9lfPLg1kGe_Ozg2MHWGfUp-3Oebw==

GET
H2 200 423232.json Show response
s.yimg.com/wi/config/ 2 B
495 B 198ms
156ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/423232.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Origin: http://www.celestialseasonings.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 11:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 931D3E78A4B08337
x-amz-id-2: 6s95rhNrxDDPZsjA0ElpKEcynnk9IYO7HFPOQJpgAym/CqxkRI+Dcd+EH63vrqYlgGI/Cb17e8I=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK _Incapsula_Resource
www.celestialseasonings.com/ 1 B
123 B 7ms
7ms Image
text/plain 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/_Incapsula_Resource?SWKMTFSR=1&e=0.008361726365213817
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 main.a37a8bbc.js Show response
s.pinimg.com/ct/lib/ 45 KB
16 KB 137ms
137ms Script
application/javascript 2a02:26f0:6c00:190::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:190::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "dca924303eac8ed14b9cb0fa8819af3d"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=1209600
x-fallback: 35785e3-2.16.187.29
accept-ranges: bytes
content-length: 16477

GET
H2 200 /
www.google.com/pagead/1p-user-list/1015057431/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1015057431/?random=1583927187765&cv=9&fst=1583924400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&tiba=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&async=1&fmt=3&is_vtc=1&random=4139708918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1015057431/ 42 B
110 B 25ms
25ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1015057431/?random=1583927187765&cv=9&fst=1583924400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&tiba=Sleepytime%20Classic%20%7C%20Celestial%20Seasonings&async=1&fmt=3&is_vtc=1&random=4139708918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK thatch-pattern.png
www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/ 94 KB
95 KB 10ms
10ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/thatch-pattern.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: b93ce8c98ff85556276c8e9e0a94e3854402ecfd225df25fc0fa19e79a645432

Request headers

Referer: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/css/style.min.css?v=18
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Last-Modified: Mon, 28 Sep 2015 15:02:19 GMT
X-CDN: Incapsula
Etag: "ae6d5848"
Content-Type: image/png
X-Iinfo: 0-4195695-0 0CNN RT(1583927186233 836) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=26033, public
Content-Length: 96404
Expires: Wed, 11 Mar 2020 19:00:20 GMT

GET
H/1.1 200
OK badges-png-sprite.png
www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/ 25 KB
25 KB 15ms
15ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/badges-png-sprite.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: dfa65f3a71ece4c8d3cc1101bb2da8dd9eff031ea60aa7ac3a3b3218ac9d1d41

Request headers

Referer: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/css/style.min.css?v=18
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Last-Modified: Tue, 17 Nov 2015 00:47:48 GMT
X-CDN: Incapsula
Etag: "ae668de7"
Content-Type: image/png
X-Iinfo: 2-11515915-0 0CNN RT(1583927186231 844) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=28396, public
Content-Length: 25423
Expires: Wed, 11 Mar 2020 19:39:43 GMT

GET
H/1.1 200
OK newsletter-bg.jpg
www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/ 33 KB
33 KB 12ms
12ms Image
image/jpeg 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/img/newsletter-bg.jpg
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 36b0ed4c3fb17087938df6b0a6c0e2259ccc4dc841261d07c8027d57cb4ebaa8

Request headers

Referer: http://www.celestialseasonings.com/sites/all/themes/cs2015/assets/css/style.min.css?v=18
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Last-Modified: Mon, 28 Sep 2015 15:02:19 GMT
X-CDN: Incapsula
Etag: "313b12df"
Content-Type: image/jpeg
X-Iinfo: 4-23544843-0 0CNN RT(1583927186233 841) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=27300, public
Content-Length: 33460
Expires: Wed, 11 Mar 2020 19:21:27 GMT

GET
H/1.1 200
OK sleepytime-herbal_0.png
www.celestialseasonings.com/sites/celestialseasonings.com/files/foofs/ 33 KB
33 KB 11ms
10ms Image
image/png 149.126.77.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celestialseasonings.com/sites/celestialseasonings.com/files/foofs/sleepytime-herbal_0.png
Requested by: Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Protocol: HTTP/1.1
Server: 149.126.77.152 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.152.ip.incapdns.net
Software: /
Resource Hash: 070e2aa190484ac45881f406b50f34631aa333a1f4520c2369515aa24b3f6070

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Mar 2020 11:46:27 GMT
Last-Modified: Mon, 12 Oct 2015 16:25:24 GMT
X-CDN: Incapsula
Etag: "c744dc42"
Content-Type: image/png
X-Iinfo: 4-23544843-0 0CNN RT(1583927186233 866) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=695434, public
Content-Length: 33411
Expires: Thu, 19 Mar 2020 12:57:01 GMT

GET
H2 200 298551110935778 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298551110935778?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df6e12fda2b33eaeee8b14c33fbf7d2cb3f88934b7abd2fbbaf695d80856634e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pza8AGUpLMmhHgvuRBhFiHdIEcol/p31lc5HchJgWF4I+bZMWSr5oz9Fs3C3KbCHZ3oUV8SN4mgu/X13V6yvwA==
x-fb-trip-id: 420120009
date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279101362588388&ev=PageView&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187916&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1513119858986926&ev=AddToCart&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187916&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 30ms
29ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279101362588388&ev=AddToCart&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187917&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1513119858986926&ev=InitiateCheckout&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187918&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279101362588388&ev=InitiateCheckout&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927187919&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:27 GMT, Wed, 11 Mar 2020 11:46:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:27 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
360 B 110ms
95ms XHR
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612814938240&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1583927187995

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
Origin: http://www.celestialseasonings.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:28 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: http://www.celestialseasonings.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 5308013856287975
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 203ms
189ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612814938240&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1583927187996

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:28 GMT
x-cdn: akamai
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 6931623098778838
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298551110935778&ev=PageView&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927188001&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:28 GMT, Wed, 11 Mar 2020 11:46:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:28 GMT

GET
H/1.1

200
OK

pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1;fpa=P0-1889456282-158392718...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1...
https://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=...

35 B
658 B

36ms
10ms

Image
image/gif

91.228.74.217
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1;fpa=P0-1889456282-1583927188234;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1583927188234;tzo=-60;ogl=

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.217 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:28 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=1589012343;labels=_fp.event.Product%20Details;rf=0;a=p-XzzL7DN7M4HTd;url=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic;fpan=1;fpa=P0-1889456282-1583927188234;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1583927188234;tzo=-60;ogl=
Date: Wed, 11 Mar 2020 11:46:28 GMT
Cache-Control: private, no-transform, max-age=86400
Server: QS
Connection: keep-alive
Content-Length: 0
Expires: Thu, 12 Mar 2020 11:46:28 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=16554065&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16554065%26t%3D2

43 B
1 KB

15ms
14ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16554065%26t%3D2

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:30 GMT
AN-X-Request-Uuid: 850f26b5-136f-42f6-aa11-62149d28b069
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 83.143.245.67; 83.143.245.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:30 GMT
AN-X-Request-Uuid: 6c77bb32-f386-425d-961d-3835a800c79c
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16554065%26t%3D2
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 83.143.245.67; 83.143.245.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.239:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://20821036p.rfihub.com/ca.gif?rb=40316&ca=20821036&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=40316&_t=20821036
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTU4MjI0MTIxNzM2NDMzMzcyNw==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D1349...
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582241217364333727%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adn...
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582241217364333727&expires=30&next=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582241217364333727https%253A%252F%252Fd...
https://ib.adnxs.com/setuid?entity=18&code=1582241217364333727https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1582241217364333727%26forward%3D

43 B
1 KB

23ms
9ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1582241217364333727https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1582241217364333727%26forward%3D

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:30 GMT
AN-X-Request-Uuid: 4b4c2b1b-5202-4310-bd70-6569f80a4f4a
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.143.245.67; 83.143.245.67; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.49:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ib.adnxs.com/setuid?entity=18&code=1582241217364333727https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1582241217364333727%26forward%3D
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2

200

dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://9050438.fls.doubleclick.net/activity;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://9050438.fls.doubleclick.net/activity;dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
109 B

113ms
113ms

Image
image/gif

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:28 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Mar 2020 11:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 302
strict-transport-security: max-age=21600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLz-psuskugCFdfgGwod5lQAlA;src=9050438;type=invmedia;cat=celes00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://20821049p.rfihub.com/ca.gif?rb=40316&ca=20821049&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=40316&_t=20821049
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTA0MTI0NjMzNDU1MzU1NTEyNg==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D1349...
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1041246334553555126%26expires%3D30%26next%3Dhttps%253A%252F%252Fib.adn...
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1041246334553555126&expires=30&next=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1041246334553555126https%253A%252F%252Fd...
https://ib.adnxs.com/setuid?entity=18&code=1041246334553555126https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1041246334553555126%26forward%3D

43 B
1 KB

23ms
9ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1041246334553555126https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1041246334553555126%26forward%3D

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 11:46:30 GMT
AN-X-Request-Uuid: 3725f20e-4512-4fb8-9f52-fccc25e70016
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.143.245.67; 83.143.245.67; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ib.adnxs.com/setuid?entity=18&code=1041246334553555126https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D57%26external_user_id%3D1041246334553555126%26forward%3D
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1513119858986926&ev=Microdata&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927189210&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sleepytime%20Classic%20%7C%20Celestial%20Seasonings%22%2C%22meta%3Adescription%22%3A%22Our%20Sleepytime%20Tea%2C%20a%20popular%20Celestial%20Seasonings%20herb%20tea%2C%20features%20chamomile%20and%20natural%20ingredients.%20Order%20herbal%20tea%20here.%22%2C%22meta%3Akeywords%22%3A%22sleepytime%20tea%2C%20herbal%20tea%2C%20Celestial%20Seasonings%2C%20herb%20tea%2C%20benefits%20of%20herbal%20tea%2C%20herbal%20tea%20blends%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=3&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:29 GMT, Wed, 11 Mar 2020 11:46:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279101362588388&ev=Microdata&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927189417&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sleepytime%20Classic%20%7C%20Celestial%20Seasonings%22%2C%22meta%3Adescription%22%3A%22Our%20Sleepytime%20Tea%2C%20a%20popular%20Celestial%20Seasonings%20herb%20tea%2C%20features%20chamomile%20and%20natural%20ingredients.%20Order%20herbal%20tea%20here.%22%2C%22meta%3Akeywords%22%3A%22sleepytime%20tea%2C%20herbal%20tea%2C%20Celestial%20Seasonings%2C%20herb%20tea%2C%20benefits%20of%20herbal%20tea%2C%20herbal%20tea%20blends%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=3&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:29 GMT, Wed, 11 Mar 2020 11:46:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298551110935778&ev=Microdata&dl=http%3A%2F%2Fwww.celestialseasonings.com%2Fproducts%2Fherbal%2Fsleepytime-classic&rl=&if=false&ts=1583927189503&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sleepytime%20Classic%20%7C%20Celestial%20Seasonings%22%2C%22meta%3Adescription%22%3A%22Our%20Sleepytime%20Tea%2C%20a%20popular%20Celestial%20Seasonings%20herb%20tea%2C%20features%20chamomile%20and%20natural%20ingredients.%20Order%20herbal%20tea%20here.%22%2C%22meta%3Akeywords%22%3A%22sleepytime%20tea%2C%20herbal%20tea%2C%20Celestial%20Seasonings%2C%20herb%20tea%2C%20benefits%20of%20herbal%20tea%2C%20herbal%20tea%20blends%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1583927187707.1979466406&it=1583927187563&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.celestialseasonings.com
URL: http://www.celestialseasonings.com/products/herbal/sleepytime-classic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.celestialseasonings.com/products/herbal/sleepytime-classic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 11:46:29 GMT, Wed, 11 Mar 2020 11:46:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Mar 2020 11:46:29 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 10:08:23	Name: _fbp Value: fb.1.1583927188062.160712855
.doubleclick.net/	1970-01-19 17:20:23	Name: IDE Value: AHWqTUnlsvPlvvPciQt33-e4FM9LiOs8-pJ4_QNIE3PdPV3MgBksg2uNteIv8YRD
.celestialseasonings.com/	1970-01-19 17:23:15	Name: __qca Value: P0-1889456282-1583927188234
.celestialseasonings.com/	1970-01-19 10:08:23	Name: _fbp Value: fb.1.1583927187707.1979466406
.celestialseasonings.com/	1969-12-31 23:59:59	Name: incap_ses_536_478773 Value: Mzt5Ctvfwmq4bnKb6EdwB5LPaF4AAAAAqmadQsO8yOX96IdTomnhQw==
.celestialseasonings.com/	1970-01-19 07:58:47	Name: _gat_UA-18223010-7 Value: 1
.celestialseasonings.com/	1970-01-19 16:44:07	Name: visid_incap_478773 Value: DnQSLWCeSs6Ywq2QPAEfepLPaF4AAAAAQUIPAAAAAACM6m51lpLAcsuPMe6uRT1N
.celestialseasonings.com/	1970-01-19 08:00:13	Name: _gid Value: GA1.2.243709535.1583927188
.celestialseasonings.com/	1970-01-20 01:29:59	Name: _ga Value: GA1.2.257844941.1583927188
.celestialseasonings.com/	1970-01-19 10:08:23	Name: _gcl_au Value: 1.1.1906144446.1583927188

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20821036p.rfihub.com
20821049p.rfihub.com
5450232.fls.doubleclick.net
5923702.fls.doubleclick.net
9050438.fls.doubleclick.net
a.rfihub.com
adservice.google.com
ajax.googleapis.com
bidagent.xad.com
cache.vindicosuite.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
edge.quantserve.com
googleads.g.doubleclick.net
ib.adnxs.com
live.rezync.com
mpp.vindicosuite.com
pixel.quantserve.com
pixel.rubiconproject.com
resources.hcgweb.net
rules.quantcount.com
s.pinimg.com
s.yimg.com
secure.adnxs.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
www.celestialseasonings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
149.126.77.152
172.217.16.130
172.217.18.166
172.217.22.6
185.31.128.128
185.31.128.129
212.82.100.181
216.58.207.66
23.210.248.189
2600:9000:214f:1200:6:44e3:f8c0:93a1
2a00:1288:f03d:1fa::2000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2008
2a00:1450:4001:808::2004
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a02:26f0:6c00:190::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.208.178.19
35.186.236.204
37.252.173.22
37.252.173.27
52.4.47.144
69.173.144.165
91.228.74.203
91.228.74.217
93.184.220.12
004558b2b0c1e5631c22e5043cf90645efa3ba4a019fde777887484ce82cf3bf
070e2aa190484ac45881f406b50f34631aa333a1f4520c2369515aa24b3f6070
0d2018071070d525ceb9d5423d2b6635f40c7a585903664a398a30c4374c109c
0d35a144d5f1ec7545b39c2c7d627cc524e91d87e7019f5b6259274afa5f63ae
0d641dd13e8b30c76414713a749f62f36d4ee81391b764725b02abe529ca9fd5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1bc4a9cc32c5db9af2da56bbaaafe8bca1b24b878e32adf324bf4ee8ea1b0e45
1db0396fabcf67c6bfabe93d1a6ac3435e4bd3e2c508472fa13d89dda2931a1e
1dc64b0c2558c520047786608c62a39ff311854e104225a8d0d62f03f5663dfe
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
272def909c0f990708c74355ff1d2f7413e1bfb5cf6d264155652b000c718ef0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30efec3aefab775fdb312e6f07e21bb643947a8e10af8b84c62392b97d66a677
31dc3edabb9080de7c263f3b572f90287528b8ef8db0d5ccc675ed214b1c3af4
31f098fc5be101d522594a2c6c7ae736aa94d4ddccd70696fa5fda7550d38380
332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b
36b0ed4c3fb17087938df6b0a6c0e2259ccc4dc841261d07c8027d57cb4ebaa8
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3815d1867e1fe262308f339b0dd2f1fd59ca639a502ec0a9452399f906b6718a
3a1b0fc9ca13614d4daea01dfe033be9fa630b2d92fc3ca6d79e42aba3f24fd4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
478d97603dafec04e45691ec7918fea3e54fe5ddc6370eba8568420321048fc7
480e8097f28392aba36d52edd3b1688a3b30785da90affb587fd339fcbd1cbfa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da
7161f9a7a69c873ab8debe586c93b254a41c916c7809e7b24125796133bdd034
721fb39b35dba91a71b3ea0a51a27a5ca9b3d7810b5af3cdc8ff3a3bd8b2195e
7296f93ce6b444bbd1ae8e383258b52bc1565d3a960c85d435d5f8367e3df68f
795c7939352472a3ee22eed91983ee599b67000368e49fd514927f4b53a766a3
80854f8660aca53994871df3707c38d75707ae134b7733d735031b5a503d931a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833ca5114ed0193dbb09879b437f1f34cfaa58be677a96d84b40ad78d11dc1c3
8b77a177598cdb67ff5bfd0dc942dbddd8760a72f3d828750154aaac56b91309
9b884a660da6f9d4c557eeebb2d54b4d04de26468ea3f2c8d3af5165e329b05d
a09012d6898a9b7ed133cac2728ab1e573ba7e64156fd9540089f82e8c581da7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32de391724acfeabb9e2f11cdd3c87ef10199c750f9fd16ea0b0c85f1166c8a
a61437b7ab10f7fa75b43c3a1a433ca0f6b7083ce43da21285c791fc0da82227
a6e88254d7ab36ef2322c8bcf6f0344e3e95abb0ff9fb5dc22d4913c7f2bdf40
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9
b105ea919a03bbb57b02fa705661ad8a4cb4b34ab8b4fd8be5e083dbc042f2c5
b17d7727a4f3c465a307e4ab166dae00f8f49dd13cead65032b6acffca6e51d4
b906eabbebdb01037ceeace864545d31d1da5dfd359d7547c0c5535aa2d08250
b93ce8c98ff85556276c8e9e0a94e3854402ecfd225df25fc0fa19e79a645432
b944ad08c6c8ff210ebe0c2453aa821e41d1c9ae11ec1be565ede75804e3436f
bf2364982129bcf63d6f34ceb0d05ac8e8b131280b3bd24493b3e5073c439dc8
c06dce75cf7c9510ab0eb4618ea50d43ca632cbb8776003d38b01a3c7113f3d6
c2a9335e5cf527303b764e8a19653ce2ae3d20b9d7d56678d678d4e0dc5de0be
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d074ea92effb73eec2b042be500c19e7eab4aec9bf7e8656ce77369dd359a0c6
d4828864e77a9e999a2d8650d7251c6ce91389c697a21ac1527250a59a72efe5
d51fdf2e95d158af3ec82178ee946323aa4b7a58cdc972909e4122a63d9e8782
da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324
df6e12fda2b33eaeee8b14c33fbf7d2cb3f88934b7abd2fbbaf695d80856634e
dfa65f3a71ece4c8d3cc1101bb2da8dd9eff031ea60aa7ac3a3b3218ac9d1d41
e16f1596201850fd4a63680b27f603cb64e67176159be3d8ed78a4403fdb1700
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b4e81cc603766e094e15f6002c35505f9ea4eb05d1adbc7f6dead6de09c6
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef04efcc33d1cddfcc199149e3c62a6871a9f2649f8f951abf9cab2f33c66dbb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.celestialseasonings.com Open in urlscan Pro 149.126.77.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

51 %HTTPS

45 %IPv6

23 Domains

34 Subdomains

28 IPs

8 Countries

4583 kBTransfer

6430 kBSize

10 Cookies

6 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.celestialseasonings.com Open in urlscan Pro
149.126.77.152 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

51 %
HTTPS

45 %
IPv6

23
Domains

34
Subdomains

28
IPs

8
Countries

4583 kB
Transfer

6430 kB
Size

10
Cookies

87 HTTP transactions
0 data transactions