floraspring.com Open in urlscan Pro
149.28.34.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://229.mp2201.com/a/229/click/9901442/743572919/_2c3261f8b65004e3491213148518d3e3b154f603/57044aaa21b9f330eae4ae7f...
Effective URL:
https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b...
Submission Tags: falconsandbox
Submission: On January 11 via api (January 11th 2023, 1:53:40 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 50 domains to perform 126 HTTP transactions. The main IP is 149.28.34.111, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is floraspring.com.
TLS certificate: Issued by R3 on January 5th 2023. Valid for: 3 months.

This is the only time floraspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.120.219.72 34.120.219.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	149.28.34.111 149.28.34.111	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.174.184 52.217.174.184	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.166.248 3.120.166.248	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.193.170 35.156.193.170	16509 (AMAZON-02) (AMAZON-02)
1	99.81.25.188 99.81.25.188	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	18.192.108.151 18.192.108.151	16509 (AMAZON-02) (AMAZON-02)
31	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	107.178.211.97 107.178.211.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	52.58.161.171 52.58.161.171	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.28.89.159 52.28.89.159	16509 (AMAZON-02) (AMAZON-02)
1	184.51.8.30 184.51.8.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.195.181.132 18.195.181.132	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.17.182.43 52.17.182.43	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.122.34.238 3.122.34.238	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	104.70.110.28 104.70.110.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.179.95 54.155.179.95	16509 (AMAZON-02) (AMAZON-02)
1	52.208.157.7 52.208.157.7	16509 (AMAZON-02) (AMAZON-02)
1	3.141.114.230 3.141.114.230	16509 (AMAZON-02) (AMAZON-02)
126	54

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

229.mp2201.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.219.72 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.219.120.34.bc.googleusercontent.com

www.pm4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 149.28.34.111 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.34.111.vultrusercontent.com

floraspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.174.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.166.248 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-166-248.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.193.170 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-193-170.eu-central-1.compute.amazonaws.com

rtb-eu.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.25.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.108.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com

treach-tutters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

quick.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.211.97 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.161.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.89.159 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-89-159.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.181.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-181-132.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.182.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-182-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.34.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-34-238.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.110.28 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-110-28.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.179.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.157.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-157-7.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.114.230 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-114-230.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	vidalytics.com quick.vidalytics.com — Cisco Umbrella Rank: 267526 stats.vidalytics.com — Cisco Umbrella Rank: 145586	17 MB
11	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 40423 licensing.bitmovin.com — Cisco Umbrella Rank: 15304	1 KB
11	floraspring.com floraspring.com	126 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856 sslwidget.criteo.com — Cisco Umbrella Rank: 1805 widget.us.criteo.com — Cisco Umbrella Rank: 15680 dis.criteo.com — Cisco Umbrella Rank: 903	14 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 4057	1 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	4 KB
5	google.de www.google.de — Cisco Umbrella Rank: 3658	890 B
5	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5573	77 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 619	12 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1347 rtb-eu.mfadsrvr.com — Cisco Umbrella Rank: 235887	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 301	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1696	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	510 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 796	853 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	880 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	135 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1458 pixel.quantserve.com — Cisco Umbrella Rank: 985	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	179 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2499	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 803	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2264	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3757	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 24678	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2637	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 882	584 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1465	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2735	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1031	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1979	162 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1005	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 497	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2081	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1303	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 717	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 452	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 923	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 788	786 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1277	1 KB
1	treach-tutters.com treach-tutters.com — Cisco Umbrella Rank: 404601
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 743	14 KB
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2385	90 B
1	amazonaws.com s3.amazonaws.com	56 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	1 KB
1	pm4trk.com 1 redirects www.pm4trk.com	469 B
1	mp2201.com 1 redirects 229.mp2201.com — Cisco Umbrella Rank: 704523	720 B
126	50

	Domain	Requested by
31	quick.vidalytics.com	floraspring.com quick.vidalytics.com
11	floraspring.com	floraspring.com
9	analytics-ingress-global.bitmovin.com	floraspring.com
5	gum.criteo.com	4 redirects static.criteo.net
5	www.google.de	floraspring.com
5	dev.visualwebsiteoptimizer.com	floraspring.com dev.visualwebsiteoptimizer.com
4	stats.vidalytics.com	floraspring.com
4	www.google.com	1 redirects floraspring.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com floraspring.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.facebook.com	floraspring.com
2	licensing.bitmovin.com	floraspring.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	floraspring.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	floraspring.com www.googletagmanager.com
2	rtb.mfadsrvr.com	2 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	floraspring.com
1	sslwidget.criteo.com	1 redirects
1	pixel.quantserve.com	floraspring.com
1	mug.criteo.com	floraspring.com
1	rules.quantcount.com	secure.quantserve.com
1	treach-tutters.com	floraspring.com
1	static.criteo.net	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	trends.revcontent.com	floraspring.com
1	rtb-eu.mfadsrvr.com	1 redirects
1	s3.amazonaws.com	floraspring.com
1	fonts.googleapis.com	floraspring.com
1	www.pm4trk.com	1 redirects
1	229.mp2201.com	1 redirects
126	61

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
partners.pineapple.co

Subject Issuer	Validity	Valid
floraspring.com R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-20` - `2023-01-18`	3 months	crt.sh
treach-tutters.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-25`	a year	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-30` - `2023-12-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2022-05-03` - `2023-06-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Frame ID: 9E3673B58554C1328E09D2E7E0B7B7C7
Requests: 98 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag
Frame ID: CFDE170F4305CDD272CFE86A10925D3F
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30
Frame ID: 4F81C2DC5B06B04F0F0314851A371F21
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Video - Limited Time Only!

Page URL History Show full URLs

https://229.mp2201.com/a/229/click/9901442/743572919/_2c3261f8b65004e3491213148518d3e3b154f603/5704... HTTP 302
https://www.pm4trk.com/2P1WQ3X/548B3D/?sub1=haysfloraspring0110 HTTP 302
https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

126
Requests

90 %
HTTPS

28 %
IPv6

50
Domains

61
Subdomains

54
IPs

9
Countries

17998 kB
Transfer

21011 kB
Size

64
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=KwmJQD4K
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact/?subject=Report%20an%20issue
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://partners.pineapple.co/affiliate-signup/
Title: Affiliate Signup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://229.mp2201.com/a/229/click/9901442/743572919/_2c3261f8b65004e3491213148518d3e3b154f603/57044aaa21b9f330eae4ae7f097d4cb73ff7ed53 HTTP 302
https://www.pm4trk.com/2P1WQ3X/548B3D/?sub1=haysfloraspring0110 HTTP 302
https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://rtb.mfadsrvr.com/pixel?id=521041&type=img HTTP 302
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img HTTP 302
https://rtb-eu.mfadsrvr.com/sync?ssp=revcontent&initiator=me HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=c53d7399-16a2-4fb7-a80d-d8d63142f568&callback=dspCMCallback

Request Chain 25

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/?random=1673445212923&cv=11&fst=1673445212923&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1711224155.1673445213&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&is_vtc=1&random=720996305 HTTP 302
https://www.google.de/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&is_vtc=1&random=720996305&ipr=y

Request Chain 43

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=CZPdvXwwb1d2V2lWbTBlTnBXOWQ3ZFNldjd0eEEwYnQ5MSswWGNBQy9QYkFsYUh2NmJpNldSNHd6bjJYTXgrZ2tsMDJKMnR6YTFkWktaN2RiTHMySno3am1PL0FCSE5SWEd2L3FzeU1OMVBqZldLZ2tDRjVyenliZlNoUW5McG5pcXlZWFdGV2lIZkpIeFI1aXJJTHNGNEJhRE1TWHNxaWY2bjhJUC96dUo0aWlsdEY1WXhicDVTV0hGREZVNFY3ZXpsaVlCYUFSVmZLOEI3bGg1dnZCektmcDZGVTVSYjA5bU5VcXVqamVISmJOcTdBTjU5UVFqeVNQUFhiWEZDNHdiWU9yOXV6UVYxeUFwN0tyQ2FNc1htUGp6RlhjZUZYWWhmTlkvdFFrajJMOW5Ebz18&cppv=2

Request Chain 56

https://sslwidget.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlVRTndQenc0MUUwY0pFYWM1cVlvR3NGTmtjWU1lSkFWR1hoQ2t5TDFMWUglMkJBUG9NZ1RodEVwUVlxbmtCMyUyRmswQkpvTGZINmFVRTZwNlk0dHZLcjdidlIzMnBpQVUzOE1yUU53JTNEJTNE&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1058%2526s1%253Dhaysfloraspring0110%2526s2%253D%2526s3%253D%2526s4%253D%2526o%253D83%2526r%253Df0c8d46a34ba416caa0eb04ce5b4e5fc%2526cr%253D%2526campid%253D83&dtycbr=1886 HTTP 302
https://widget.us.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlVRTndQenc0MUUwY0pFYWM1cVlvR3NGTmtjWU1lSkFWR1hoQ2t5TDFMWUglMkJBUG9NZ1RodEVwUVlxbmtCMyUyRmswQkpvTGZINmFVRTZwNlk0dHZLcjdidlIzMnBpQVUzOE1yUU53JTNEJTNE&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1058%2526s1%253Dhaysfloraspring0110%2526s2%253D%2526s3%253D%2526s4%253D%2526o%253D83%2526r%253Df0c8d46a34ba416caa0eb04ce5b4e5fc%2526cr%253D%2526campid%253D83&dtycbr=1886

Request Chain 69

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_cm&google_hm=ay03THJ6ZHJ2bk1OQlFITTJFLWtGU0V4dmg5VEc4bGpCdHNjVTYyQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_gid=CAESELOXCDxKm4n2C7yvC8-03Js&google_cver=1&google_ula=913071,0

Request Chain 71

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5857772299788703702

Request Chain 72

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ

Request Chain 81

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng&verify=true

Request Chain 85

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA&C=1

Request Chain 86

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ

Request Chain 101

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_s0tGSD1oyZ8efge78lYric7Tch0Lt3A

Request Chain 104

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_q7epeAAyvdMHaqUKllgsF9hGUuJ6Roh

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request aff_special20.php Show response
floraspring.com/z/
Redirect Chain

https://229.mp2201.com/a/229/click/9901442/743572919/_2c3261f8b65004e3491213148518d3e3b154f603/57044aaa21b9f330eae4ae7f097d4cb73ff7ed53
https://www.pm4trk.com/2P1WQ3X/548B3D/?sub1=haysfloraspring0110
https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

21 KB
7 KB

490ms
109ms

Document
text/html

149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

464e04531be64cf30598b32fc766a69d93ac24f547a0de715f62c872b77804a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6786
content-type: text/html; charset=UTF-8
date: Wed, 11 Jan 2023 13:53:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-rc
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194
content-type: text/html; charset=utf-8
date: Wed, 11 Jan 2023 13:53:32 GMT
location: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 0531f7a4-1d6d-4ef9-83a0-d7e067befdac

GET
H2 200 bootstrap.min.css
floraspring.com/z/inc/ 110 KB
17 KB 96ms
95ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/bootstrap.min.css

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-1b9ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 136ms
53ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 13:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Jan 2023 13:53:32 GMT

GET
H2 200 buy-safe.css
floraspring.com/z/inc/ 534 B
428 B 96ms
95ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/buy-safe.css

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-216"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 jquery-ui.min.css
floraspring.com/css/ 28 KB
7 KB 96ms
95ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/css/jquery-ui.min.css

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-718e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 ouibounce.min.css
floraspring.com/z/css/ 2 KB
844 B 96ms
96ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/css/ouibounce.min.css

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-98c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 vsl.css
floraspring.com/css/ 3 KB
1 KB 97ms
96ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/css/vsl.css?v=1

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 17:21:19 GMT
server: nginx-rc
etag: W/"626c1e8f-ca6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H/1.1 200
OK thumb6.jpg
s3.amazonaws.com/flora-spring/ 56 KB
56 KB 329ms
109ms Image
image/jpeg 52.217.174.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/flora-spring/thumb6.jpg
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.174.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 13:53:33 GMT
Last-Modified: Fri, 19 Jun 2020 14:28:38 GMT
Server: AmazonS3
x-amz-request-id: RHHGEVY4F93894YW
ETag: "5903f97d5c1477d254c8f417bdd6cdd3"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 57352
x-amz-id-2: KGMFFQjc3wA7l2M9otKh93Bd0cWE4dvs8Wb5DsCvNXZw5ZSNgQHiEmRPq7te3u7KrjBx691YVlQ=

GET
H2 200 jquery.js Show response
floraspring.com/z/inc/ 82 KB
28 KB 133ms
132ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/jquery.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-147a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 jquery-ui.min.js Show response
floraspring.com/js/ 246 KB
63 KB 130ms
130ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/js/jquery-ui.min.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-3d8ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 ouibounce.min.js Show response
floraspring.com/z/js/ 2 KB
969 B 124ms
123ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/js/ouibounce.min.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-658"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H2 200 fadeInOut.js Show response
floraspring.com/z/inc/ 118 B
350 B 124ms
123ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/fadeInOut.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:32 GMT

GET
H/1.1

200
OK

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/pixel?id=521041&type=img
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img
https://rtb-eu.mfadsrvr.com/sync?ssp=revcontent&initiator=me
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=c53d7399-16a2-4fb7-a80d-d8d63142f568&callback=dspCMCallback

90 B
90 B

153ms
39ms

Image
application/javascript

99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=c53d7399-16a2-4fb7-a80d-d8d63142f568&callback=dspCMCallback
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: HTTP/1.1
Server: 99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Wed, 11 Jan 2023 13:53:33 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
vary: Origin
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=c53d7399-16a2-4fb7-a80d-d8d63142f568&callback=dspCMCallback
Date: Wed, 11 Jan 2023 13:53:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
101 KB 84ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

380919a0c16f25b028a2e44f877d787b202cfd399cafea700d62efe005a65158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103323
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Jan 2023 13:53:32 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 57ms
27ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&f=1&r=0.6100445601053157
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 6abd50163996bdea7a9bcc9516e17a17ca3a61d517554a78b8b9acf1748a9251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1673301470"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 va-89005e590c0ebf15682032cbfc0ab566.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 228 KB
64 KB 38ms
22ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-89005e590c0ebf15682032cbfc0ab566.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&f=1&r=0.6100445601053157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: bc97cdd00c9cc923def5d0ae0ace79b533eaf7d770bad8d85ea2190e3bacae7d

Request headers

Referer: https://floraspring.com/
Origin: https://floraspring.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 02 Jan 2023 12:54:58 GMT
server: gams1
etag: "63b2d422-10115"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65813

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 100ms
99ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=2887&d=floraspring.com&u=DD39E4F7072D81759B56A43A824D38FB0&h=69ca5818b5ae01a662395d648b6ec8cb&t=false&r=0.8618349686327766

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:31 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 95 KB
9 KB 76ms
75ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=2887&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-89005e590c0ebf15682032cbfc0ab566.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: fb54f1df3dbfb82debf4426bc08cea88f059b07ff32ea01fbc6ab027a3243b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1673301470"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
28ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 12:21:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5499
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 11 Jan 2023 14:21:54 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 94ms
10ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 18 Jan 2023 13:53:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 2 KB
2 KB 148ms
69ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1673445212917&cv=11&fst=1673445212917&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1711224155.1673445213&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9450d27ab8fbfe46b98a01d97071bb7e1613720a67c7e01e3a9ce66862bcd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 52ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 11 Jan 2023 13:53:32 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F62F0AC1C94E4201BABAE12176EC31B4 Ref B: FRAEDGE1705 Ref C: 2023-01-11T13:53:32Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 2 KB
1 KB 151ms
75ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1673445212923&cv=11&fst=1673445212923&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1711224155.1673445213&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92e6022d42312950aeedc36b29eda97978f3a7f56189ee32a8557a4785e9d1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 960
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 110ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Jan 2023 13:53:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 45ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Jan 2023 13:53:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27613
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sBzCc4kqRnwxfVqqws4Alr4oNFpUfeoHwGQUgsvovmAi/188vIRh+M8qt9y6xlP+rxEwtS/c/Sm3iIoQWFAAtQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 59ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b3e1102a657cdc2a06b62903826baa8175eddb14addf67131bf71d93a0a0b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Jan 2023 13:53:32 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/332385166/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/?random=1673445212923&cv=11&fst=1673445212923&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&hn=www.googlead...
https://www.google.com/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.c...
https://www.google.de/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.co...

42 B
64 B

77ms
25ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&is_vtc=1&random=720996305&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/332385166/?random=1673445212923&cv=11&fst=1673442000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&is_vtc=1&random=720996305&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 1 KB
664 B 23ms
23ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=2887&settings_type=2&vn=7.0&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-89005e590c0ebf15682032cbfc0ab566.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 037d45cf2b4598357315ca0f6246787f92b9c522378f610272d3f82ac3bde4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1673301470"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 400 .js
treach-tutters.com/d/ 0
0 90ms
8ms Script
text/html 18.192.108.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&lpt=Free%20Video%20-%20Limited%20Time%20Only!&vtm=1673445212935
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.192.108.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 stop-pop.min2.js Show response
floraspring.com/js/ 3 KB
1 KB 95ms
94ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/js/stop-pop.min2.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-ae7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 13:53:33 GMT

GET
H2 200 loader.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/yvF2SybVqQ9VMd6O/ 41 KB
11 KB 232ms
129ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/yvF2SybVqQ9VMd6O/loader.min.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 66d523efb17292737d95e34475948c85facbb12050e9c864b5cafb7d82896fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 11 Jan 2023 13:53:33 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 0
x-guploader-uploadid: ADPycdsD8sC5FQk6ISGxAOa5TWlGgXkuv-WoPJ-CpmE8GNJj_arbhJ4bQlCnVLQ4hSvTLNnAMshzOYq_oprJfRBrmGXhEWg5h4rA
x-cache: MISS, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10451
x-served-by: cache-iad-kjyo7100178-IAD, cache-hhn-etou8220073-HHN
last-modified: Thu, 15 Dec 2022 23:15:07 GMT
server: UploadServer
x-timer: S1673445213.110625,VS0,VE123
x-cdn-info: loader
etag: "ed6ac99974efdc8800f0cf3562d9ee6e"
vary: Accept-Encoding
x-goog-generation: 1671146107323380
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=EvWIog==, md5=7WrJmXTv3IgA8M81Ytnubg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=180, s-maxage=180
x-goog-stored-content-length: 10451
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 204 56270944.js Show response
bat.bing.com/p/action/ 0
137 B 108ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56270944.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Jan 2023 13:53:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92FFDBAE73EF4C86BF0CDDFC638F0EB0 Ref B: FRAEDGE1705 Ref C: 2023-01-11T13:53:33Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800

GET
H3 200 875470023133343 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 156ms
139ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/875470023133343?v=2.9.91&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2084d75b3c0eb466db964b4b65fc91d7f4aa7baff4eb6f7b4e94e553c0ffb18

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Jan 2023 13:53:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DqZzs0y4U0r6Q4sB3IPNsYRzGuKlQ+HCmOW9XUcfVex/aXR5ziao+u9B/joIAIyFrGMHMqto6zTxqb/TEQA6WA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56270944&Ver=2&mid=f634bfaf-7844-4f31-bf0c-6f36eff21545&sid=563d833091b711eda94ac140e3d828d3&vid=563d8cd091b711ed8199df6623f54ccf&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Video%20-%20Limited%20Time%20Only!&p=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&r=&lt=2127&evt=pageLoad&sv=1&rn=934958

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Jan 2023 13:53:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9258EEB7D17F4ED18F525A6005504DDA Ref B: FRAEDGE1705 Ref C: 2023-01-11T13:53:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=2oe190&_p=971777974&_gaz=1&cid=2030394647.1673445213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&sid=1673445213&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&en=page_view&_fv=1&_nsi=1&_ss=1&epn.page_height=739&ep.fb_pixel_id=875470023133343&ep.event_id=1673445439665_16734458440411&ep.a_affiliate_id=1058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 60ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JM1YLT9HG3&cid=2030394647.1673445213&gtm=2oe190&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 75ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JM1YLT9HG3&cid=2030394647.1673445213&gtm=2oe190&aip=1&z=1520364084

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-rXRXmwZSu3n0s.js Show response
rules.quantcount.com/ 1 KB
1 KB 96ms
34ms Script
application/javascript 2600:9000:206e:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-rXRXmwZSu3n0s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:48:04 GMT
content-encoding: gzip
via: 1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:53:35 GMT
server: AmazonS3
etag: W/"4616f68031e96be3102ecbcf8f921399"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: dKsc4w2YuNUr9dy7VkZoEJ8kLsCwE1ToaB_qP9ik59jwMjr4YhJukg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 109ms
50ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=971777974&t=pageview&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&ul=en-us&de=UTF-8&dt=Free%20Video%20-%20Limited%20Time%20Only!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1279541070&gjid=1613120704&cid=2030394647.1673445213&tid=UA-113385709-1&_gid=1187291293.1673445213&_r=1&gtm=2wg190MR9ZK4G&cd4=1058&z=2064992510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CFDE 15 KB
6 KB 58ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://floraspring.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 13:53:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 951173
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/693528767/ 42 B
108 B 135ms
55ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693528767/?random=1673445212917&cv=11&fst=1673442000000&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=1859302622&rmt_tld=0&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693528767/ 42 B
108 B 38ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693528767/?random=1673445212917&cv=11&fst=1673442000000&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=1859302622&rmt_tld=1&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693528767/ 42 B
548 B 134ms
55ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693528767/?random=1673445212923&cv=11&fst=1673442000000&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=1873527576&rmt_tld=0&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693528767/ 42 B
548 B 34ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693528767/?random=1673445212923&cv=11&fst=1673442000000&bg=ffffff&guid=ON&async=1&gtm=2wg190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=1873527576&rmt_tld=1&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CFDE
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=CZPdvXwwb1d2V2lWbTBlTnBXOWQ3ZFNldjd0eEEwYnQ5MSswWGNBQy9QYkFsYUh2NmJpNldSNHd6bjJYTXgrZ2tsMDJKMnR6YTFkWktaN2RiTHMySno3am1PL0FCSE5SWEd2L3FzeU1OMVBqZldLZ2tDRjVyenliZlNoUW...

433 B
655 B

315ms
22ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CZPdvXwwb1d2V2lWbTBlTnBXOWQ3ZFNldjd0eEEwYnQ5MSswWGNBQy9QYkFsYUh2NmJpNldSNHd6bjJYTXgrZ2tsMDJKMnR6YTFkWktaN2RiTHMySno3am1PL0FCSE5SWEd2L3FzeU1OMVBqZldLZ2tDRjVyenliZlNoUW5McG5pcXlZWFdGV2lIZkpIeFI1aXJJTHNGNEJhRE1TWHNxaWY2bjhJUC96dUo0aWlsdEY1WXhicDVTV0hGREZVNFY3ZXpsaVlCYUFSVmZLOEI3bGg1dnZCektmcDZGVTVSYjA5bU5VcXVqamVISmJOcTdBTjU5UVFqeVNQUFhiWEZDNHdiWU9yOXV6UVYxeUFwN0tyQ2FNc1htUGp6RlhjZUZYWWhmTlkvdFFrajJMOW5Ebz18&cppv=2

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

927036504c779f7a78fb34bc622bfc0935cec3fbd8e9a9be684cab78f9502ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5307635
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=CZPdvXwwb1d2V2lWbTBlTnBXOWQ3ZFNldjd0eEEwYnQ5MSswWGNBQy9QYkFsYUh2NmJpNldSNHd6bjJYTXgrZ2tsMDJKMnR6YTFkWktaN2RiTHMySno3am1PL0FCSE5SWEd2L3FzeU1OMVBqZldLZ2tDRjVyenliZlNoUW5McG5pcXlZWFdGV2lIZkpIeFI1aXJJTHNGNEJhRE1TWHNxaWY2bjhJUC96dUo0aWlsdEY1WXhicDVTV0hGREZVNFY3ZXpsaVlCYUFSVmZLOEI3bGg1dnZCektmcDZGVTVSYjA5bU5VcXVqamVISmJOcTdBTjU5UVFqeVNQUFhiWEZDNHdiWU9yOXV6UVYxeUFwN0tyQ2FNc1htUGp6RlhjZUZYWWhmTlkvdFFrajJMOW5Ebz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 685794
content-length: 0
expires: 0

GET
H2 200 pixel;r=204270901;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%...
pixel.quantserve.com/ 35 B
372 B 48ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=204270901;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83;uht=2;fpan=1;fpa=P0-1168670286-1673445213062;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=floraspring.com;dst=0;et=1673445213171;tzo=0;ogl=;ses=21dcf2b1-f2ce-4c20-8702-ba2d7b264748

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-113385709-1&cid=2030394647.1673445213&jid=1279541070&gjid=1613120704&_gid=1187291293.1673445213&_u=YADAAEAAAAAAACAAI~&z=1858367620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Jan 2023 13:53:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 player-dash-mse.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/yvF2SybVqQ9VMd6O/ 2 MB
498 KB 20ms
9ms XHR
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/yvF2SybVqQ9VMd6O/player-dash-mse.min.js?hash=qbjezkhud
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/yvF2SybVqQ9VMd6O/loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bb6f8d830e2966c643de4d22f7727a848d8c688491ddcee8348412f866ad1fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 25 Jan 2023 20:16:37 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1359416
x-guploader-uploadid: ADPycds5vp3lI2vLAvefd72NB7ckYujsNVT71KDzqa2laC0o7KfOIJekORq4gmbTm4idckIUFwtE__AVMWAfOUGCO6QwCg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 508835
x-served-by: cache-iad-kiad7000067-IAD, cache-hhn-etou8220051-HHN
last-modified: Thu, 15 Dec 2022 23:15:07 GMT
server: UploadServer
x-timer: S1673445213.257709,VS0,VE2
etag: "d5ddb5222f774f57692f1788fa564ab5"
vary: Accept-Encoding
x-goog-generation: 1671146107681383
x-goog-hash: crc32c=FygdXQ==, md5=1d21Ii93T1dpLxeI+lZKtQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 508835
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
accept-ranges: bytes
x-cache-hits: 63, 1

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 124ms
65ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113385709-1&cid=2030394647.1673445213&jid=1279541070&_u=YADAAEAAAAAAACAAI~&z=2017896940

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
37ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113385709-1&cid=2030394647.1673445213&jid=1279541070&_u=YADAAEAAAAAAACAAI~&z=2017896940

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
373 B 412ms
140ms XHR
image/gif 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=KwmJQD4K
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
server: istio-envoy
etag: "KwmJQD4K/2ge7dJ_8H9Kv0mRw"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 14
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
378 B 64ms
20ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

GET
H3 200 preview-5_0.jpg
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/thumb/ 2 KB
3 KB 21ms
8ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/thumb/preview-5_0.jpg
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 80f0ff5df68404c17521389ff337db2b21d693873582033fc0fb857474eb9506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:28:07 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624326
x-guploader-uploadid: ADPycdu773aJnI_2uzJj0YMh6UKsD_0SLzzEVrWVlaOcdxfvhCj4XtxkUnttRWYFoYWsgYsdWf5JBGMr7SOeeEQzZ9LO1QMBenM3
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2499
x-served-by: cache-iad-kiad7000099-IAD, cache-hhn-etou8220090-HHN
last-modified: Wed, 02 Nov 2022 13:50:42 GMT
server: UploadServer
x-timer: S1673445214.517090,VS0,VE1
etag: "ecc25ad39ec0efe7f763a2a816ad81e8"
x-goog-generation: 1667397042754405
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=iDCLrA==, md5=7MJa057A7+f3Y6KoFq2B6A==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 2499
accept-ranges: bytes
x-cache-hits: 70, 1

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
451 B 176ms
132ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 45ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=875470023133343&ev=PageView&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&rl=&if=false&ts=1673445213592&sw=1600&sh=1200&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673445213591.896534603&it=1673445213017&coo=false&eid=1673445439665_16734458440411&rqm=GET

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Jan 2023 13:53:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 26ms
26ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:32 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H3 200 stream.mpd Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/ 6 KB
6 KB 99ms
99ms XHR
application/dash+xml 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/stream.mpd
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b74d2f14ef944e54f55eff5c743d9593330791fa4d4db5e40b4d3ee5ac98907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:33 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624480
x-guploader-uploadid: ADPycdsURHfHthxA3iu_Bu5n_6G3m22HGRWlx4DSK8VbUhxA0VeFSCjFk05XNyH9tP-M4SbSk69zZ3xUon3TlzNy2jIiXA
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5842
x-served-by: cache-iad-kcgs7200105-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:54:27 GMT
server: UploadServer
x-timer: S1673445214.612582,VS0,VE92
etag: "70c148b240900e1b3d3ec283cfb2cda2"
x-goog-generation: 1667397267897236
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-hash: crc32c=CoC9fQ==, md5=cMFIskCQDhs9PsKDz7LNog==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 5842
accept-ranges: bytes
x-cache-hits: 220, 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlV...
https://widget.us.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlV...

8 KB
4 KB

401ms
107ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlVRTndQenc0MUUwY0pFYWM1cVlvR3NGTmtjWU1lSkFWR1hoQ2t5TDFMWUglMkJBUG9NZ1RodEVwUVlxbmtCMyUyRmswQkpvTGZINmFVRTZwNlk0dHZLcjdidlIzMnBpQVUzOE1yUU53JTNEJTNE&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1058%2526s1%253Dhaysfloraspring0110%2526s2%253D%2526s3%253D%2526s4%253D%2526o%253D83%2526r%253Df0c8d46a34ba416caa0eb04ce5b4e5fc%2526cr%253D%2526campid%253D83&dtycbr=1886

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f49d2e6651e1beb2614c3b7a822059fedaee99a9ee275720be55cc6d68df76c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15513056
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=77723&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlVRTndQenc0MUUwY0pFYWM1cVlvR3NGTmtjWU1lSkFWR1hoQ2t5TDFMWUglMkJBUG9NZ1RodEVwUVlxbmtCMyUyRmswQkpvTGZINmFVRTZwNlk0dHZLcjdidlIzMnBpQVUzOE1yUU53JTNEJTNE&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1058%2526s1%253Dhaysfloraspring0110%2526s2%253D%2526s3%253D%2526s4%253D%2526o%253D83%2526r%253Df0c8d46a34ba416caa0eb04ce5b4e5fc%2526cr%253D%2526campid%253D83&dtycbr=1886
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15619124
timing-allow-origin: *
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/480x270_h264_157500/ 671 B
1 KB 8ms
8ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/480x270_h264_157500/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: edd7d8d4427a3d17e311a9463909736ff7cad6ca819bda82d2e540a9d082c061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:34 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624480
x-guploader-uploadid: ADPycduNg50LZB-c_XbSF39LYsA3VDJVj67ax_HCd8yesHGqYxp2vSI9-Rh6arzfSvVZKDaI_1d3Xu6hOua4Ss4TRw2IPboQL7Gq
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 671
x-served-by: cache-iad-kcgs7200041-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:16 GMT
server: UploadServer
x-timer: S1673445214.754299,VS0,VE1
etag: "1c8513710770e3f735fbbc36dc1c415b"
x-goog-generation: 1667396716016418
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=V5g6pw==, md5=HIUTcQdw4/c1+7w23BxBWw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 671
accept-ranges: bytes
x-cache-hits: 50, 1

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 606 B
1 KB 9ms
8ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:34 GMT
date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624479
x-guploader-uploadid: ADPycdtajlZFlJ0Q6QoaXqI7rI7hnxFj-3uqt2WDTPYysGzeZn9RbcRjEnbQPllOrCH4dNGG6LGM3fj0BokLrOlH6WTatg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 606
x-served-by: cache-iad-kiad7000074-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:39 GMT
server: UploadServer
x-timer: S1673445214.754360,VS0,VE1
etag: "af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation: 1667396739032644
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 606
accept-ranges: bytes
x-cache-hits: 104, 1

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
83 B 130ms
130ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:33 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H3 200 s_0.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/480x270_h264_157500/ 76 KB
77 KB 9ms
8ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/480x270_h264_157500/s_0.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8a499140a79ac3304b37b301174d1ed36de46214af7db2d5951ed5d585edd8d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:34 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624480
x-guploader-uploadid: ADPycduXqja4DQ7E_4xUmtgqXCMXhCc6aNYowkjqkRvkJXh6IKjps2Q2mT_wsDuCVVzel6dl4WZ33H68UgEdsiNRqrM6F0xMGsm-
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77749
x-served-by: cache-iad-kcgs7200035-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:16 GMT
server: UploadServer
x-timer: S1673445214.005536,VS0,VE1
etag: "b9402593d71262c85f7a07cfce202e39"
x-goog-generation: 1667396716171564
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=zbIbyw==, md5=uUAlk9cSYshfegfPziAuOQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 77749
accept-ranges: bytes
x-cache-hits: 47, 1

GET
H3 200 s_0.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
48 KB 11ms
10ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_0.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:34 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624480
x-guploader-uploadid: ADPycdt-KS0GC20PwJkdZqVZPAc8JRtg0EWzq_LcOHKwZ0_MYqdUOoxbQqkyeGeW9psyn5x9yprLazlbx7VjX6surseuDKEFlcmw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 48229
x-served-by: cache-iad-kcgs7200161-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:39 GMT
server: UploadServer
x-timer: S1673445214.005697,VS0,VE1
etag: "135b54826bb6e72afeb944dfac225f94"
x-goog-generation: 1667396739180611
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=FWC8tw==, md5=E1tUgmu25yr+uUTfrCJflA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 48229
accept-ranges: bytes
x-cache-hits: 85, 1

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
81 B 129ms
129ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:34 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H3 200 s_1.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 99ms
99ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_1.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 09:44:34 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 101339
x-guploader-uploadid: ADPycdtu4Z6VuWk165NEtegHhIpCoGwkkWLhMSb945WkP-QysuAIGlDLJYhQIHo2T_cN6UfdeLU8MMJXMSk7YpNg68XAl_oMQbJA
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47809
x-served-by: cache-iad-kjyo7100160-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:39 GMT
server: UploadServer
x-timer: S1673445214.047580,VS0,VE92
etag: "c786954026d6c2817d26bf16b8667ecb"
x-goog-generation: 1667396739251910
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=HZAPjw==, md5=x4aVQCbWwoF9Jr8WuGZ+yw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47809
accept-ranges: bytes
x-cache-hits: 176, 0

POST
H3 204 impression Show response
licensing.bitmovin.com/ 0
13 B 48ms
20ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 31ms
14ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=875470023133343&ev=Microdata&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&rl=&if=false&ts=1673445214094&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%20Video%20-%20Limited%20Time%20Only!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22VideoObject%22%2C%22name%22%3A%22120321_RP_FS_VSL_FB_PHPR%20%20Crypton%20Intro_Amber%20Bottle%20Test_1051_Seconds%22%2C%22description%22%3A%22120321_RP_FS_VSL_FB_PHPR%20%20Crypton%20Intro_Amber%20Bottle%20Test_1051_Seconds%22%2C%22uploadDate%22%3A%222022-11-02T13%3A38%3A08%2B00%3A00%22%2C%22duration%22%3A%22PT45M49S%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fquick.vidalytics.com%2Fvideo%2FKwmJQD4K%2FMKjqQbhG3AykVDWB%2F78595%2F68386%2Fthumb%2Fthumbnail-5_0.jpg%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83%22%7D%5D&sw=1600&sh=1200&v=2.9.91&r=stable&ec=1&o=30&fbp=fb.1.1673445213591.896534603&it=1673445213017&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Jan 2023 13:53:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 672 B
1 KB 10ms
9ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:35 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624479
x-guploader-uploadid: ADPycdti29N57VXb3ovN_tyrKRIerLj_8qt4c_qisQ9gTlch98utIGuDGFjJLFA8vhr-Zda0MGUxj2M3_bevhgi21oeQ9k2J5824
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 672
x-served-by: cache-iad-kiad7000102-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:17 GMT
server: UploadServer
x-timer: S1673445214.155666,VS0,VE1
etag: "de0beafa3fb2e7422536c42656474052"
x-goog-generation: 1667396717322457
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=adaXuw==, md5=3gvq+j+y50IlNsQmVkdAUg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 672
accept-ranges: bytes
x-cache-hits: 69, 1

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 4F81
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30

43 B
345 B

8ms
8ms

Image
image/gif

52.58.161.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30
Protocol: H2
Server: 52.58.161.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-uAHPt7vnMNBQHM2E-kFSExvh9TE3FcOXq5z5Ow&expires=30
date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4F81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_cm&google_hm=ay03THJ6ZHJ2bk1OQlFITTJFLWtGU0V4dmg5VEc4bGpCd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_gid=CAESELOXCDxKm4n2C7yvC8-03Js&google_cver=1&google_ula=913071,0

43 B
370 B

48ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_gid=CAESELOXCDxKm4n2C7yvC8-03Js&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1602414
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7LrzdrvnMNBQHM2E-kFSExvh9TG8ljBtscU62A&google_gid=CAESELOXCDxKm4n2C7yvC8-03Js&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4F81
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5857772299788703702

43 B
371 B

126ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5857772299788703702

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1668272
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 11 Jan 2023 13:53:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7507a84f-8447-4122-916c-1ac48f35f074
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5857772299788703702
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4F81
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ

43 B
447 B

11ms
11ms

Image
image/gif

52.28.89.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ
Protocol: H2
Server: 52.28.89.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-89-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-4-pDervnMNBQHM2E-kFSExvh9TG4t3dAxDsevQ
date: Wed, 11 Jan 2023 13:53:34 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 4F81 45 B
786 B 254ms
196ms Image
image/gif 184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ooqicbvnMNBQHM2E-kFSExvh9THlpIwVHV7Lsw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 13:53:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 11 Jan 2023 13:53:34 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4F81 0
145 B 350ms
93ms Image
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hMcBsbvnMNBQHM2E-kFSExvh9THIDGBGlMDEHQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 13:53:34 GMT
Cache-Control: no-cache
X-TraceId: d36cd871b1fecfed0d722861d47f390f
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4F81 0
239 B 39ms
10ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-_k3UHrvnMNBQHM2E-kFSExvh9TGQfeE8HsQHTA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 4F81 0
35 B 94ms
7ms Image
text/plain 18.195.181.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-y6oeVrvnMNBQHM2E-kFSExvh9TGnzaYtf8PV6A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.181.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-181-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4F81 43 B
163 B 145ms
17ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-9emeRrvnMNBQHM2E-kFSExvh9TFU1AqtoXiDXQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4F81 0
99 B 139ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-roZvU7vnMNBQHM2E-kFSExvh9TEAiZIWjosi4w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13038

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4F81 23 B
172 B 195ms
89ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-VONMdrvnMNBQHM2E-kFSExvh9TFdKKzWsJ8drg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 11 Jan 2023 13:53:34 GMT
pragma: no-cache
date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 4F81 37 B
140 B 26ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-H5pRZ7vnMNBQHM2E-kFSExvh9TGvnWJQ-oMvHA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 4F81
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng&verify=true

0
121 B

12ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QV-LGbvnMNBQHM2E-kFSExvh9TEqtNrwq9tkng&verify=true
date: Wed, 11 Jan 2023 13:53:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame 4F81 0
55 B 48ms
11ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-iK7xbbvnMNBQHM2E-kFSExvh9THXSo3CPELv0g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 4F81 43 B
162 B 74ms
19ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ouTf7LvnMNBQHM2E-kFSExvh9THbEfoKx9X7wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
last-modified: Mon, 04 Oct 2021 14:04:49 GMT
server: nginx
accept-ranges: bytes
etag: "615b0a01-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 4F81 49 B
235 B 85ms
21ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qZTVoLvnMNBQHM2E-kFSExvh9TGa8L9Q6r9CdA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H3

200

rum
r.casalemedia.com/ Frame 4F81
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA&C=1

43 B
870 B

40ms
30ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWIKZpm%2BsW60lJIJZSCdtVkelpM%2FGj1ODW%2FV9ByYh1u8GcV84FNR2PULDysGdjAZZawuhHaebAwyC7eaZ4uVhA%2FIo6QP%2B7N0iQsbjdDmlnOZ%2BfAnUof46xVk28gM8kPCG%2BCi"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 787e23ae38e29954-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeRbCHilBiXcbtWyZJY%2B9NT4lkNF86DPA8FymLl3PvcLc2ywPtJJYJ5jvXneun8fxSJFQ26KbhCoep5NjM69%2B395HjY%2FiEPNJ4YLc8QWbv%2BU7SgkYyTb0mZnnmyucUasNrnO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-B_puJLvnMNBQHM2E-kFSExvh9TH9s4h0qwj5vA&C=1
cache-control: no-cache
cf-ray: 787e23adfa47909a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4F81
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ

42 B
942 B

32ms
32ms

Image
image/gif

52.17.182.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ

Protocol

HTTP/1.1

Server

52.17.182.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-182-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rJlbJE+7RUM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-03da2f349.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lMiO9gnwT1s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lBxQCYbSfRlZ8ZvN-3LPuVm4qZQocOsJ
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 4F81 43 B
1 KB 65ms
19ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-HcVsX7vnMNBQHM2E-kFSExvh9TFanbB_SG8gaw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 11 Jan 2023 13:53:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 4F81 42 B
274 B 107ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-pcmon7vnMNBQHM2E-kFSExvh9TER1Tc9C5jyZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 4F81 0
884 B 48ms
10ms Image
text/html 3.122.34.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-1id4i7vnMNBQHM2E-kFSExvh9THi5tAnYdC0_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.34.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-34-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4F81 42 B
584 B 40ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-l1upvbvnMNBQHM2E-kFSExvh9TFTrbVxJaKQgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 11 Jan 2023 13:53:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 4F81 43 B
183 B 1073ms
100ms Image
image/gif 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-aN7wq7vnMNBQHM2E-kFSExvh9TGFWWW1IRvb3g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 11 Jan 2023 13:53:35 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 4F81 43 B
153 B 129ms
25ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-oC7pULvnMNBQHM2E-kFSExvh9TF2M8FGax6cQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:34 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4F81 0
525 B 92ms
42ms Image
text/plain 104.70.110.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-NcThA7vnMNBQHM2E-kFSExvh9THCXqihcSAtDQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.70.110.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-110-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 13:53:34 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 10 Jan 2023 13:53:34 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 4F81 43 B
220 B 963ms
32ms Image
image/gif 54.155.179.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-dQ4ShrvnMNBQHM2E-kFSExvh9TExTVBqQvUWlQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.179.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 11 Jan 2023 13:53:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 24ms
23ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 22ms
22ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 23ms
22ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 29ms
29ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 29ms
28ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:33 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H3 200 s_1.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 398ms
397ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_1.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 99a7957476dd3f8516e01c007f07c59922a1301778ea83b764d0b7946de809a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:35 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624478
x-guploader-uploadid: ADPycdv6F_nTeQ1SibUHQG74DF94JDJGVCTK2YDwZCx0fvCNWgWpEOIvT6zy_-mvddHUffJhMlpdviuj_XQHjzDVYDBGf5OfmxCQ
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1525931
x-served-by: cache-iad-kjyo7100080-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:25 GMT
server: UploadServer
x-timer: S1673445214.405367,VS0,VE388
etag: "ab9863d846ec2b459949dbb19587af10"
x-goog-generation: 1667396725604751
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=yxKiHw==, md5=q5hj2EbsK0WZSduxlYevEA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1525931
accept-ranges: bytes
x-cache-hits: 293, 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4F81
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_s0tGSD1oyZ8efge78lYric7Tch0Lt3A

0
338 B

873ms
32ms

Image
text/plain

52.208.157.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_s0tGSD1oyZ8efge78lYric7Tch0Lt3A
Protocol: H2
Server: 52.208.157.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-157-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Wed, 11 Jan 2023 13:53:35 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1673445215
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_s0tGSD1oyZ8efge78lYric7Tch0Lt3A
date: Wed, 11 Jan 2023 13:53:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1578286
content-length: 0

GET
H3 200 s_2.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 46 KB
47 KB 9ms
9ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_2.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:36 GMT
date: Wed, 11 Jan 2023 13:53:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624478
x-guploader-uploadid: ADPycdsoDyY_v6F5GpPmc5VxFyaUmwDHGgYPZyjCEzjRVQkPl0h8J0Fq_AXUsiIMrDHB6CJEDeXQ0kMlpyqjjdW-Cuuheg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47444
x-served-by: cache-iad-kjyo7100045-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:39 GMT
server: UploadServer
x-timer: S1673445215.850531,VS0,VE1
etag: "027f5e63597d0cd34bd866926e28682c"
x-goog-generation: 1667396739508794
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=OsyoNQ==, md5=An9eY1l9DNNL2GaSbihoLA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47444
accept-ranges: bytes
x-cache-hits: 70, 1

GET
H3 200 s_2.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 114ms
114ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_2.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 718121661570f5f415d5b2e7e2b41a30cfd9ab301728f48c8cc473155af18e05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:36 GMT
date: Wed, 11 Jan 2023 13:53:35 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624478
x-guploader-uploadid: ADPycdslJcZMIzF9-6yGLcC2CPjDnAzEYCmu3xSyXv3BZe6dngilpnQW7GuRQ5opVK_UWzKtnUR5--ExGX8ijCpaqoJFOZPR1KRH
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1510843
x-served-by: cache-iad-kiad7000126-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:28 GMT
server: UploadServer
x-timer: S1673445215.342709,VS0,VE105
etag: "2aefc2e16102549fd718679e0a34c40e"
x-goog-generation: 1667396728633772
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=OKSSuA==, md5=Ku/C4WECVJ/XGGeeCjTEDg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1510843
accept-ranges: bytes
x-cache-hits: 156, 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 4F81
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_q7epeAAyvdMHaqUKllgsF9hGUuJ6Roh

35 B
268 B

353ms
104ms

Image
image/gif

3.141.114.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_q7epeAAyvdMHaqUKllgsF9hGUuJ6Roh
Protocol: H2
Server: 3.141.114.230 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-114-230.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:35 GMT
x-bt-requestid: 57d3e2a0-91b7-11ed-97ca-0000ac17024f
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_q7epeAAyvdMHaqUKllgsF9hGUuJ6Roh
date: Wed, 11 Jan 2023 13:53:35 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1353189
content-length: 0

GET
H3 200 s_3.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 9ms
8ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_3.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 16:46:27 GMT
date: Wed, 11 Jan 2023 13:53:35 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 594428
x-guploader-uploadid: ADPycdt-LSKlOpB5LDsgiRglkYsHrs23KpENZhV-RXY9prIMxRC8TYRRc52_9hde0o5FFg-rJ9lhBo1JwXJaZ6Ox3xXfMQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47632
x-served-by: cache-iad-kjyo7100045-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:39 GMT
server: UploadServer
x-timer: S1673445216.507115,VS0,VE1
etag: "e83b84a3e3d924d37ecac841a8053733"
x-goog-generation: 1667396739782688
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=KzxaJw==, md5=6DuEo+PZJNN+yshBqAU3Mw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47632
accept-ranges: bytes
x-cache-hits: 255, 1

GET
H3 200 s_3.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 151ms
151ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_3.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c65bdfc2abfbd0fae472de30dad571f2d61bb2b91125f4637a9c75f398b88b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:37 GMT
date: Wed, 11 Jan 2023 13:53:35 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624478
x-guploader-uploadid: ADPycdvTg0tXOwz_aKK5Eu52pKGPcf2zbCOqltHkPsICRTxS0x7axGwWQTWh3wH112QMMGUciYTZ6ovk82xS87OvGRJR
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1559055
x-served-by: cache-iad-kjyo7100140-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:26 GMT
server: UploadServer
x-timer: S1673445216.526401,VS0,VE143
etag: "c74fd882c7d1aa3bf84989bf99280564"
x-goog-generation: 1667396726248985
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=fTY/PA==, md5=x0/YgsfRqjv4SYm/mSgFZA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1559055
accept-ranges: bytes
x-cache-hits: 300, 0

GET
H3 200 s_4.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 46 KB
47 KB 22ms
21ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_4.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:38 GMT
date: Wed, 11 Jan 2023 13:53:35 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624477
x-guploader-uploadid: ADPycdtWTcGq82hjjYVHJ5UzZ7MsXZR_SoNwInH232nguK42T4mbcdHzTxYEnOv6hIbGNWN0N9cp6wX6OtZuaj6PDzYpLw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47559
x-served-by: cache-iad-kiad7000174-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445216.713754,VS0,VE15
etag: "52254416c3e8d1bb3d82d6c38ade92aa"
x-goog-generation: 1667396739962161
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=nOl6lw==, md5=UiVEFsPo0bs9gtbDit6Sqg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47559
accept-ranges: bytes
x-cache-hits: 268, 1

GET
H3 200 s_4.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 415ms
415ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_4.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5feec43b429c8bf5dd438e182313a7b3224d9b249db5406f56b891d76de54958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:38 GMT
date: Wed, 11 Jan 2023 13:53:36 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624477
x-guploader-uploadid: ADPycdu2wTdug7HqvpHIGqrZzD0QhZxrKj3NLFK20mFoYW1QH_bDa-tnD2UoBcohesk12H-jYVKena2mWHhi05OnoeA8IQ
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1563052
x-served-by: cache-iad-kjyo7100121-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:37 GMT
server: UploadServer
x-timer: S1673445216.743862,VS0,VE391
etag: "a0920fef7eed1433c25290a5b46f99f1"
x-goog-generation: 1667396737587931
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=DUu+VA==, md5=oJIP737tFDPCUpCltG+Z8Q==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1563052
accept-ranges: bytes
x-cache-hits: 301, 0

GET
H3 200 s_5.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 14ms
13ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_5.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:39 GMT
date: Wed, 11 Jan 2023 13:53:36 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624477
x-guploader-uploadid: ADPycdtqTwFUuZyRZBCc0KJlwxzZUd0GGs5QA7qJNKgkw8GsWOvrPnL56itSx9Zb1aPq4aoNsmobiIdUQFF_iNIHOmCEPXXOEHpK
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47774
x-served-by: cache-iad-kjyo7100059-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445216.322465,VS0,VE6
etag: "69a3db45d573c7234179eadc2a8b883d"
x-goog-generation: 1667396740160104
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=ABxFgA==, md5=aaPbRdVzxyNBeercKouIPQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47774
accept-ranges: bytes
x-cache-hits: 92, 1

GET
H3 200 s_5.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 103ms
102ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_5.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e7a34208232010ebe36deed1cf0b80549b1f7e8fed47bbe37a7635721dac65f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:39 GMT
date: Wed, 11 Jan 2023 13:53:36 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624476
x-guploader-uploadid: ADPycdvk_rMFjSVim3KW5LQjq3LCSbGn5g3AvEu-5LLNq3yNpWDP3pJc5JBugqvzCXVkMpHxl0DQxDmB8ZcXdGg449jkRQ
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1492247
x-served-by: cache-iad-kiad7000165-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:38 GMT
server: UploadServer
x-timer: S1673445216.343894,VS0,VE95
etag: "3d7e1fe1d319fd85d325d1246f31f5bc"
x-goog-generation: 1667396737937126
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Vjd2pg==, md5=PX4f4dMZ/YXTJdEkbzH1vA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1492247
accept-ranges: bytes
x-cache-hits: 298, 0

GET
H3 200 s_6.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 46 KB
47 KB 12ms
10ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_6.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:39 GMT
date: Wed, 11 Jan 2023 13:53:36 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624476
x-guploader-uploadid: ADPycdugny4DDCqoZnASVoRgHZgbgzQPBaSBuNLsJd1wDfnobJ5LhLhNbafy7TIOqrvc7deGHsGKkUAzE_b3XgcEIy-UOZFSBOwG
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47367
x-served-by: cache-iad-kiad7000072-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445217.654099,VS0,VE2
etag: "d92db29fa571ce2aad9c31b8cb99d7c6"
x-goog-generation: 1667396740376827
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=VsCUXQ==, md5=2S2yn6VxziqtnDG4y5nXxg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47367
accept-ranges: bytes
x-cache-hits: 268, 1

GET
H3 200 s_6.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 134ms
133ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_6.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 31febed20e1492520e873f5b8388f368682744db0d2aa0f31b413501de9eb113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 11:30:03 GMT
date: Wed, 11 Jan 2023 13:53:36 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 181414
x-guploader-uploadid: ADPycdujK0kr02As5jFC14iAiB7vYn5lVkZc34RRpUOXL620icBtjShud2q0BbNTGo0aApvKNqcco4c_R-fLFxVYRqcrOg
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1523372
x-served-by: cache-iad-kcgs7200072-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:25 GMT
server: UploadServer
x-timer: S1673445217.715805,VS0,VE114
etag: "5cad53938e303153e26b7d5112565cad"
x-goog-generation: 1667396725457480
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=P1CBfA==, md5=XK1Tk44wMVPia31RElZcrQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1523372
accept-ranges: bytes
x-cache-hits: 153, 0

GET
H3 200 s_7.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 36ms
36ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_7.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:40 GMT
date: Wed, 11 Jan 2023 13:53:37 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624476
x-guploader-uploadid: ADPycdt0LUadmTApf4GaPe0mwnC_PEHAol1hM4Aeyu2ixO1e2HI3zTl_lJmMnTnWsVYLuCPVpAgmAvy70iaCzNJP5ajS4UEzSp1h
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47785
x-served-by: cache-iad-kcgs7200103-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445217.116212,VS0,VE27
etag: "ea0b153395311de898b4719520e0562f"
x-goog-generation: 1667396740527783
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=loJ3Uw==, md5=6gsVM5UxHeiYtHGVIOBWLw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47785
accept-ranges: bytes
x-cache-hits: 88, 1

GET
H3 200 s_7.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 349ms
342ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_7.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a488dd21005f3ba90862a3e44fedb62565091ae2e0aa15f9cbdcfedb2cd2b535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 16:20:28 GMT
date: Wed, 11 Jan 2023 13:53:37 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 163989
x-guploader-uploadid: ADPycduqyh6pIvLFn-Q4LBtphUJplN-bJqIDXw3_FcsqtXgDiNAf4KQ2w4_N6ldzG9LmgqEyJ2IkziFTqv2t-bL2HEN3rFQtdIRr
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1476286
x-served-by: cache-iad-kcgs7200159-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:27 GMT
server: UploadServer
x-timer: S1673445217.314334,VS0,VE322
etag: "84b9f4132481998bd8ef596ff13ee159"
x-goog-generation: 1667396727014511
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=488E1Q==, md5=hLn0EySBmYvY71lv8T7hWQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1476286
accept-ranges: bytes
x-cache-hits: 149, 0

GET
H3 200 s_8.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 46 KB
47 KB 17ms
11ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_8.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:41 GMT
date: Wed, 11 Jan 2023 13:53:37 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624476
x-guploader-uploadid: ADPycduSEShfYN3LAKpLHVN_r4x8RZoLbReaERmR5Yz5ZF74lQLzBOzS1JwarJIvhMR1JP_EysHVM5yhQoeOwZdco2T-ftYnJhy7
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47445
x-served-by: cache-iad-kiad7000103-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445218.825983,VS0,VE1
etag: "d71ce9fba6a6b5b9ec0d7e1c6c8e03a9"
x-goog-generation: 1667396740674631
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=0eyPmQ==, md5=1xzp+6amtbnsDX4cbI4DqQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47445
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H3 200 s_8.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 119ms
117ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_8.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3359f475c1345c41415837616ae6f43dc19537f2737d474745871c2a0ecb5d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:41 GMT
date: Wed, 11 Jan 2023 13:53:37 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 542819
x-guploader-uploadid: ADPycdvJItMlKbZPP5Do7fsiCVLkNJ9sfVj3DrAaaK-C3Ik5-7avJWHuS6ijDkwOVEXmvldxkXuIabO2wJ9QAFPt3s1Pashi4F_9
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1516416
x-served-by: cache-iad-kjyo7100097-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:36 GMT
server: UploadServer
x-timer: S1673445218.857605,VS0,VE109
etag: "f776f672bf867afb7e7032b94bf21ea6"
x-goog-generation: 1667396736861977
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=clO5wQ==, md5=93b2cr+Gevt+cDK5S/Iepg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1516416
accept-ranges: bytes
x-cache-hits: 248, 0

GET
H3 200 s_9.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 10ms
10ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_9.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:25:41 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624477
x-guploader-uploadid: ADPycdsDPiBqSscRJAnKSWLR56ko3li9l2oFPVhI7n68NEB78VA3yoRTflIHtqlC5CBdAKgs8f4rWu7juMYk2GnSW7BcwxfGtxWf
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47676
x-served-by: cache-iad-kjyo7100165-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:40 GMT
server: UploadServer
x-timer: S1673445218.097647,VS0,VE1
etag: "2d6fce07985004e8a1f629229072961a"
x-goog-generation: 1667396740881135
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=PAfcGQ==, md5=LW/OB5hQBOih9ikikHKWGg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47676
accept-ranges: bytes
x-cache-hits: 83, 1

GET
H3 200 s_9.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 109ms
109ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_9.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a56ef0ad1eecde5a537436c91740317983cec5ffaf99ba41d900f255f3fb9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 09:45:13 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 101304
x-guploader-uploadid: ADPycdsvBzTPpdUqM1cKlFhT-iS8O_-MFxlsVRFaskrF9InKwthdlwkmF64UFbLUwJxK6kkQNyH8ECYcvWUEjGljqHODwGclGtV6
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1528064
x-served-by: cache-iad-kiad7000023-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:26 GMT
server: UploadServer
x-timer: S1673445218.111066,VS0,VE101
etag: "b6ad507b7eec76805c3e296175970d69"
x-goog-generation: 1667396726907853
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=l8cmCg==, md5=tq1Qe37sdoBcPilhdZcNaQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1528064
accept-ranges: bytes
x-cache-hits: 146, 0

GET
H3 200 s_10.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 46 KB
47 KB 9ms
9ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_10.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 11:45:50 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 612467
x-guploader-uploadid: ADPycdsMLU6DVl8_TonlJp2WSU_DNLI0VWt_2RUu6Om0uAu92GXsUHc96Kh1fW5Emec_nvfW5GiQqWsllaaQrrqpjc6INXcyaHUD
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47511
x-served-by: cache-iad-kcgs7200057-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:41 GMT
server: UploadServer
x-timer: S1673445218.296289,VS0,VE1
etag: "5d9daf571947cb12600ffe8f1dfc1312"
x-goog-generation: 1667396741047551
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=sCXLiA==, md5=XZ2vVxlHyxJgD/6PHfwTEg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47511
accept-ranges: bytes
x-cache-hits: 69, 1

GET
H3 200 s_10.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 10ms
10ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_10.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f1e8bc38dfa2bb744c8ed13452150b2bc62a5d81ce0ccff5a047743d1d58733e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 09:52:26 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 619272
x-guploader-uploadid: ADPycduGlZT4K9l44FMhts51yMK2pzRPED6Kdq8ANvx_8Zcs82Cd_vniYP8Z07_wX5SNUhDIcj6-yuLjLxD4_gp-mQp1
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1491665
x-served-by: cache-iad-kjyo7100066-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:36 GMT
server: UploadServer
x-timer: S1673445218.308480,VS0,VE3
etag: "8287da5e1e4778944ae53a9dccfb1b20"
x-goog-generation: 1667396736772362
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=DzMb1A==, md5=gofaXh5HeJRK5TqdzPsbIA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1491665
accept-ranges: bytes
x-cache-hits: 219, 1

GET
H3 200 s_11.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/ 47 KB
47 KB 14ms
14ms XHR
audio/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/audio/h265_96000/s_11.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 08:28:03 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 624334
x-guploader-uploadid: ADPycdtWUMZIj0iLyu4nTW5xCGDlIc5Jvdk6lLXFgxSrIigYuR09xuR3GMsSEVQTYATKNY9XLTGxgA01hi0tO7t6VoifGA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47759
x-served-by: cache-iad-kcgs7200035-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:41 GMT
server: UploadServer
x-timer: S1673445218.389105,VS0,VE4
etag: "60d7b622ce800c68e5b6d0072cf4f012"
x-goog-generation: 1667396741179106
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cg8TlQ==, md5=YNe2Is6ADGjlttAHLPTwEg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47759
accept-ranges: bytes
x-cache-hits: 72, 1

GET
H3 200 s_11.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 11ms
11ms XHR
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/MKjqQbhG3AykVDWB/78595/68386/fmp4/video/1920x1080_h264_3000000/s_11.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 33ea441d87a01c83d6c31a3c8a834fb9753647093f2df816a03aea1bba53b6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 30 Dec 2023 09:58:38 GMT
date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 618899
x-guploader-uploadid: ADPycduGdRQu4d4ZcpWAQX66h-wZEtSdA5ezpLJgw0-bfxPd6tfXQHy0fVWoqf-tE4b37jn4vkI39_4uCapqeoMQgbz4cQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1365746
x-served-by: cache-iad-kjyo7100077-IAD, cache-hhn-etou8220051-HHN
last-modified: Wed, 02 Nov 2022 13:45:26 GMT
server: UploadServer
x-timer: S1673445218.408217,VS0,VE4
etag: "6647faba7d55e469bc9b2c45baf15d18"
x-goog-generation: 1667396726636301
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=ofsQRg==, md5=Zkf6un1V5Gm8myxFuvFdGA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1365746
accept-ranges: bytes
x-cache-hits: 185, 1

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 24ms
21ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:38 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 25ms
23ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 13:53:37 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
78 B 128ms
128ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1058&s1=haysfloraspring0110&s2=&s3=&s4=&o=83&r=f0c8d46a34ba416caa0eb04ce5b4e5fc&cr=&campid=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 11 Jan 2023 13:53:38 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 45ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=2oe190&_p=971777974&cid=2030394647.1673445213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&sid=1673445213&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 13:53:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
229.mp2201.com/	1970-01-20 08:51:28	Name: _session_id Value: 72426e9009739bd858f81e50004f3376
www.pm4trk.com/	1970-01-20 08:52:11	Name: uniqueClick_548B3D Value: d4258246-3cca-4141-b3b0-abf7267be853:1673445211
www.pm4trk.com/	1970-01-20 11:00:21	Name: transaction_id Value: f0c8d46a34ba416caa0eb04ce5b4e5fc
floraspring.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2n7rpocemkshoc44mopc7srmgc
floraspring.com/	1970-01-20 09:55:33	Name: affid Value: 1058
floraspring.com/	1970-01-20 11:00:21	Name: fraff1 Value: yeahaff20
.floraspring.com/	1970-01-20 17:37:47	Name: _vwo_uuid_v2 Value: DD39E4F7072D81759B56A43A824D38FB0\|69ca5818b5ae01a662395d648b6ec8cb
.floraspring.com/	1970-01-20 11:14:45	Name: _vis_opt_s Value: 1%7C
.floraspring.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.floraspring.com/	1970-01-20 11:00:21	Name: _gcl_au Value: 1.1.1711224155.1673445213
.floraspring.com/	1970-01-20 18:26:45	Name: _vwo_uuid Value: DD39E4F7072D81759B56A43A824D38FB0
.floraspring.com/	1970-01-20 11:00:21	Name: _vwo_ds Value: 3%241673445212%3A85.53337352%3A%3A
.floraspring.com/	1970-01-20 08:50:47	Name: _vwo_sn Value: 0%3A1
.bing.com/	1970-01-20 18:12:21	Name: MUID Value: 108B2FD0F4C76A371DC63D46F5C76BCD
.floraspring.com/	1970-01-20 08:52:11	Name: _uetsid Value: 563d833091b711eda94ac140e3d828d3
.floraspring.com/	1970-01-20 18:12:21	Name: _uetvid Value: 563d8cd091b711ed8199df6623f54ccf
.mfadsrvr.com/	1970-01-20 18:26:45	Name: tuuid Value: c53d7399-16a2-4fb7-a80d-d8d63142f568
.mfadsrvr.com/	1970-01-20 18:26:45	Name: c Value: 1673445213
.mfadsrvr.com/	1970-01-20 18:26:45	Name: tuuid_lu Value: 1673445213
.floraspring.com/	1970-01-20 18:26:45	Name: _ga Value: GA1.2.2030394647.1673445213
.floraspring.com/	1970-01-20 08:52:11	Name: _gid Value: GA1.2.1187291293.1673445213
.floraspring.com/	1970-01-20 08:50:45	Name: _gat_UA-113385709-1 Value: 1
.criteo.com/	1970-01-20 18:12:21	Name: uid Value: 183bcc81-1382-494a-a813-be026670f40e
.quantserve.com/	1970-01-20 18:20:59	Name: mc Value: 63bebf5d-34c38-8c204-b3d06
.floraspring.com/	1970-01-20 18:15:14	Name: __qca Value: P0-1168670286-1673445213062
floraspring.com/	1970-01-20 18:26:45	Name: bitmovin_analytics_uuid Value: d69edc84-ee82-44c6-a07f-0fbe9133c797
.floraspring.com/	1970-01-20 11:00:21	Name: _fbp Value: fb.1.1673445213591.896534603
.floraspring.com/	1970-01-20 18:20:09	Name: cto_bundle Value: -K24vF95ODRvRWpOZ2FtJTJGbUZXU1NwRWgyNnZTRTNveExFbHJ3YUtKSkElMkJRb2lIdEdpdEdUTyUyQlVRTndQenc0MUUwY0pFYWM1cVlvR3NGTmtjWU1lSkFWR1hoQ2t5TDFMWUglMkJBUG9NZ1RodEVwUVlxbmtCMyUyRmswQkpvTGZINmFVRTZwNlk0dHZLcjdidlIzMnBpQVUzOE1yUU53JTNEJTNE
.mfadsrvr.com/	1970-01-20 18:26:45	Name: ssh Value: !revcontent,1673445213
.floraspring.com/	1970-01-20 18:26:45	Name: _ga_JM1YLT9HG3 Value: GS1.1.1673445213.1.0.1673445214.59.0.0
.bidswitch.net/	1970-01-20 17:36:21	Name: tuuid Value: d44a6f6e-ec16-4f62-af1c-db70321396c6
.bidswitch.net/	1970-01-20 17:36:21	Name: c Value: 1673445214
.bidswitch.net/	1970-01-20 17:36:21	Name: tuuid_lu Value: 1673445214
.adnxs.com/	1970-01-20 11:00:21	Name: uuid2 Value: 5857772299788703702
.yahoo.com/	1970-01-20 17:36:42	Name: A3 Value: d=AQABBF6_vmMCEDxf_nkSaatmI46C1Cx9ICwFEgEBAQEQwGPIYwAAAAAA_eMAAA&S=AQAAAqk5qMql8JwurHjE4IXJLTw
.analytics.yahoo.com/	1970-01-20 17:36:21	Name: IDSYNC Value: 18zh~29d1
.360yield.com/	1970-01-20 11:00:21	Name: tuuid Value: ba808224-ce27-4b36-867e-ab2537a018aa
.360yield.com/	1970-01-20 11:00:21	Name: tuuid_lu Value: 1673445214
.360yield.com/	1970-01-20 11:00:21	Name: um Value: !38,z0fLEtv9R8.egexkoAchN7hhoD-GX3sFmqJjky-hBP9jacFAHwPn6y66YuoOKd5JqrpRHxAS,1681221214
.360yield.com/	1970-01-20 11:00:21	Name: umeh Value: !38,0,1735653214,-1
.doubleclick.net/	1970-01-20 18:12:21	Name: IDE Value: AHWqTUklV9X3RzCUdE-lxVDrlKTcu-OxfYTAuHOtF2kiBN38SGTJWlRmSxEPTwrqmyY
.id5-sync.com/	1970-01-20 08:50:45	Name: cf Value:
.id5-sync.com/	1970-01-20 08:50:45	Name: cip Value:
.id5-sync.com/	1970-01-20 08:50:45	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:50:45	Name: car Value:
.id5-sync.com/	1970-01-20 08:50:45	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:50:45	Name: callback Value:
.pubmatic.com/	1970-01-20 09:33:57	Name: KRTBCOOKIE_97 Value: 3385-uid:k-l1upvbvnMNBQHM2E-kFSExvh9TFTrbVxJaKQgQ&KRTB&23144-uid:k-l1upvbvnMNBQHM2E-kFSExvh9TFTrbVxJaKQgQ&KRTB&23286-uid:k-l1upvbvnMNBQHM2E-kFSExvh9TFTrbVxJaKQgQ&KRTB&23287-uid:k-l1upvbvnMNBQHM2E-kFSExvh9TFTrbVxJaKQgQ
.pubmatic.com/	1970-01-20 09:33:57	Name: PugT Value: 1673445212
exchange.mediavine.com/	1970-01-20 09:10:54	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22571092a0-91b7-11ed-a37f-51cf63509e53%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:10:54	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22571092a0-91b7-11ed-a37f-51cf63509e53%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:10:54	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22571092a0-91b7-11ed-a37f-51cf63509e53%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:10:54	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22571092a0-91b7-11ed-a37f-51cf63509e53%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:10:54	Name: criteo Value: %7B%22id%22%3A%22k-1id4i7vnMNBQHM2E-kFSExvh9THi5tAnYdC0_Q%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 17:36:21	Name: CMID Value: Y76-Xh6Ubt2TIthkY2ns2AAA
.casalemedia.com/	1970-01-20 11:00:21	Name: CMPS Value: 1199
.casalemedia.com/	1970-01-20 11:00:21	Name: CMPRO Value: 1199
.media.net/	1970-01-20 17:36:21	Name: visitor-id Value: 3164468141492261000V10
.media.net/	1970-01-20 09:33:57	Name: data-c-ts Value: 1673445214
.media.net/	1970-01-20 09:33:57	Name: data-c Value: k-ooqicbvnMNBQHM2E-kFSExvh9THlpIwVHV7Lsw~~3
.demdex.net/	1970-01-20 13:09:57	Name: demdex Value: 87846008399366262180383493264293085427
.casalemedia.com/	1970-01-20 11:00:21	Name: CMTS Value: 3200
.dpm.demdex.net/	1970-01-20 13:09:57	Name: dpm Value: 87846008399366262180383493264293085427
.krxd.net/	1970-01-20 13:09:57	Name: _kuid_ Value: PT_eSKDG

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1058%26s1%3Dhaysfloraspring0110%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3Df0c8d46a34ba416caa0eb04ce5b4e5fc%26cr%3D%26campid%3D83&lpt=Free%20Video%20-%20Limited%20Time%20Only!&vtm=1673445212935 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

229.mp2201.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
analytics-ingress-global.bitmovin.com
bat.bing.com
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
floraspring.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
licensing.bitmovin.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.quantserve.com
pixel.rubiconproject.com
quick.vidalytics.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.mfadsrvr.com
rtb.mfadsrvr.com
rules.quantcount.com
s.thebrighttag.com
s3.amazonaws.com
secure.quantserve.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
stats.vidalytics.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
treach-tutters.com
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pm4trk.com
x.bidswitch.net
104.70.110.28
104.96.128.226
107.178.211.97
13.248.245.213
141.226.228.48
142.250.180.194
149.28.34.111
151.101.193.91
162.19.138.83
172.64.154.237
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.156.32.70
18.192.108.151
18.195.181.132
184.51.8.30
185.255.84.153
185.64.189.110
185.86.139.106
185.89.210.90
2001:4860:4802:34::36
2600:1901:0:df23::
2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
2600:9000:206e:3800:6:44e3:f8c0:93a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:c11::200
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9c
2a00:1450:400d:804::2002
2a00:1450:400d:806::200a
2a00:1450:400d:806::200e
2a00:1450:400d:80c::2004
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.120.166.248
3.122.34.238
3.141.114.230
34.117.157.22
34.120.219.72
34.96.102.137
35.156.193.170
35.190.27.197
35.238.129.105
37.157.5.142
52.17.182.43
52.208.157.7
52.217.174.184
52.28.89.159
52.58.161.171
54.155.179.95
64.202.112.95
69.173.144.165
74.119.119.150
85.215.5.31
99.81.25.188
0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9
037d45cf2b4598357315ca0f6246787f92b9c522378f610272d3f82ac3bde4c2
1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662
1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0
31febed20e1492520e873f5b8388f368682744db0d2aa0f31b413501de9eb113
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3359f475c1345c41415837616ae6f43dc19537f2737d474745871c2a0ecb5d43
33ea441d87a01c83d6c31a3c8a834fb9753647093f2df816a03aea1bba53b6bc
380919a0c16f25b028a2e44f877d787b202cfd399cafea700d62efe005a65158
3b3e1102a657cdc2a06b62903826baa8175eddb14addf67131bf71d93a0a0b7d
3c65bdfc2abfbd0fae472de30dad571f2d61bb2b91125f4637a9c75f398b88b2
3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af
411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757
464e04531be64cf30598b32fc766a69d93ac24f547a0de715f62c872b77804a2
4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5
5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b
5feec43b429c8bf5dd438e182313a7b3224d9b249db5406f56b891d76de54958
66d523efb17292737d95e34475948c85facbb12050e9c864b5cafb7d82896fc6
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
6a56ef0ad1eecde5a537436c91740317983cec5ffaf99ba41d900f255f3fb9a5
6abd50163996bdea7a9bcc9516e17a17ca3a61d517554a78b8b9acf1748a9251
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
718121661570f5f415d5b2e7e2b41a30cfd9ab301728f48c8cc473155af18e05
71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9
7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc
7bb6f8d830e2966c643de4d22f7727a848d8c688491ddcee8348412f866ad1fe
7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337
7e7a34208232010ebe36deed1cf0b80549b1f7e8fed47bbe37a7635721dac65f
80f0ff5df68404c17521389ff337db2b21d693873582033fc0fb857474eb9506
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a499140a79ac3304b37b301174d1ed36de46214af7db2d5951ed5d585edd8d0
927036504c779f7a78fb34bc622bfc0935cec3fbd8e9a9be684cab78f9502ae5
92e6022d42312950aeedc36b29eda97978f3a7f56189ee32a8557a4785e9d1e1
97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f
97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6
994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0
99a7957476dd3f8516e01c007f07c59922a1301778ea83b764d0b7946de809a7
9b74d2f14ef944e54f55eff5c743d9593330791fa4d4db5e40b4d3ee5ac98907
9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4
a488dd21005f3ba90862a3e44fedb62565091ae2e0aa15f9cbdcfedb2cd2b535
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc97cdd00c9cc923def5d0ae0ace79b533eaf7d770bad8d85ea2190e3bacae7d
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2084d75b3c0eb466db964b4b65fc91d7f4aa7baff4eb6f7b4e94e553c0ffb18
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a
e9450d27ab8fbfe46b98a01d97071bb7e1613720a67c7e01e3a9ce66862bcd80
ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3
edd7d8d4427a3d17e311a9463909736ff7cad6ca819bda82d2e540a9d082c061
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e8bc38dfa2bb744c8ed13452150b2bc62a5d81ce0ccff5a047743d1d58733e
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a
f49d2e6651e1beb2614c3b7a822059fedaee99a9ee275720be55cc6d68df76c7
fb54f1df3dbfb82debf4426bc08cea88f059b07ff32ea01fbc6ab027a3243b2c
ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343

floraspring.com Open in urlscan Pro 149.28.34.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

90 %HTTPS

28 %IPv6

50 Domains

61 Subdomains

54 IPs

9 Countries

17998 kBTransfer

21011 kBSize

64 Cookies

3 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

floraspring.com Open in urlscan Pro
149.28.34.111 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

90 %
HTTPS

28 %
IPv6

50
Domains

61
Subdomains

54
IPs

9
Countries

17998 kB
Transfer

21011 kB
Size

64
Cookies

126 HTTP transactions
2 data transactions