my.xcentricmold.com Open in urlscan Pro
2606:4700:10::6816:21b5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04
Effective URL:
https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2AN...
Submission: On May 19 via api (May 19th 2021, 2:25:35 pm UTC) from US

Summary HTTP 122 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 58 IPs in 6 countries across 50 domains to perform 122 HTTP transactions. The main IP is 2606:4700:10::6816:21b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.xcentricmold.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.

This is the only time my.xcentricmold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.228 199.60.103.228	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
24	2606:4700:10:... 2606:4700:10::6816:21b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b8::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	69.16.192.79 69.16.192.79	32244 (LIQUIDWEB) (LIQUIDWEB)
1 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.197.34.29 34.197.34.29	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.95.81 13.224.95.81	16509 (AMAZON-02) (AMAZON-02)
4	13.224.95.14 13.224.95.14	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.95.46 13.224.95.46	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.128.119.223 209.128.119.223	7151 (BAYAREA-AS) (BAYAREA-AS)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	13.224.95.74 13.224.95.74	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.185.0.231 199.185.0.231	21592 (MULTIVIEW) (MULTIVIEW)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1 6	2a02:26f0:6c0... 2a02:26f0:6c00::210:baab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 10	54.220.59.51 54.220.59.51	16509 (AMAZON-02) (AMAZON-02)
16 22	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4264:262e:5ecd:5178:9f8	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.56.111.113 52.56.111.113	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
2	143.204.202.107 143.204.202.107	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	34.205.51.230 34.205.51.230	14618 (AMAZON-AES) (AMAZON-AES)
1	23.79.143.202 23.79.143.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
122	58

2 199.60.103.228 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.xcentricmold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:10::6816:21b5 (United States)

ASN13335 (CLOUDFLARENET, US)

my.xcentricmold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b8::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.192.79 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.varchannelmarketing.com

www.xcentricmold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.34.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-34-29.compute-1.amazonaws.com

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-81.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.95.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-14.zrh50.r.cloudfront.net

yjriln3iwl.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-46.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.128.119.223 (United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-223.bayarea.net

twin-iq.kickfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-74.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.185.0.231 (United States)

ASN21592 (MULTIVIEW, US)

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

10117150.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:baab (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.220.59.51 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-59-51.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.190 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:262e:5ecd:5178:9f8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.111.113 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.172.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-107.fra53.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.51.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-51-230.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-202.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.54.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	xcentricmold.com 1 redirects info.xcentricmold.com my.xcentricmold.com www.xcentricmold.com	1 MB
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
15	adroll.com 8 redirects s.adroll.com d.adroll.com	26 KB
10	doubleclick.net 6 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 10117150.fls.doubleclick.net cm.g.doubleclick.net	5 KB
5	google.com 1 redirects www.google.com adservice.google.com	606 B
5	googletagmanager.com www.googletagmanager.com	189 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	2 KB
4	google.de www.google.de	343 B
4	amazonaws.com yjriln3iwl.execute-api.us-east-1.amazonaws.com	17 KB
4	fontawesome.com use.fontawesome.com	88 KB
3	openx.net 1 redirects us-u.openx.net	586 B
3	adnxs.com 1 redirects ib.adnxs.com	3 KB
3	hubspot.com api.hubspot.com track.hubspot.com	2 KB
3	google-analytics.com www.google-analytics.com	55 KB
3	bing.com bat.bing.com	9 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	googleadservices.com 1 redirects www.googleadservices.com	30 KB
2	bidswitch.net 1 redirects x.bidswitch.net	876 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	rlcdn.com idsync.rlcdn.com	108 B
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	978 B
2	pro-market.net 2 redirects fei.pro-market.net	877 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	964 B
2	tapad.com 1 redirects pixel.tapad.com	908 B
2	kickfire.com twin-iq.kickfire.com	1 KB
2	licdn.com snap.licdn.com	4 KB
2	jquery.com code.jquery.com	130 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	36 KB
1	yahoo.com ads.yahoo.com	446 B
1	facebook.net connect.facebook.net	24 KB
1	rubiconproject.com pixel.rubiconproject.com	775 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	exelator.com loadm.exelator.com	324 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	hubapi.com api.hubapi.com	950 B
1	rumiview.com www.rumiview.com	58 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	usemessages.com js.usemessages.com	19 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	taboola.com cdn.taboola.com	22 KB
1	gaconnector.com track.gaconnector.com	3 KB
1	hs-scripts.com js.hs-scripts.com	738 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	adobedtm.com assets.adobedtm.com	18 KB
122	50

	Domain	Requested by
24	my.xcentricmold.com	info.xcentricmold.com my.xcentricmold.com
22	um.simpli.fi	16 redirects
9	d.adroll.com	7 redirects
6	s.adroll.com	1 redirects my.xcentricmold.com s.adroll.com d.adroll.com
5	www.googletagmanager.com	my.xcentricmold.com assets.adobedtm.com js.hsadspixel.net www.googletagmanager.com
4	cm.g.doubleclick.net	4 redirects
4	www.google.de	my.xcentricmold.com
4	www.google.com	1 redirects my.xcentricmold.com
4	yjriln3iwl.execute-api.us-east-1.amazonaws.com	my.xcentricmold.com
4	use.fontawesome.com	my.xcentricmold.com use.fontawesome.com
3	us-u.openx.net	1 redirects
3	ib.adnxs.com	1 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	my.xcentricmold.com bat.bing.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	www.googleadservices.com	1 redirects my.xcentricmold.com www.googletagmanager.com
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	idsync.rlcdn.com
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	10117150.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.hubspot.com	js.usemessages.com
2	px.ads.linkedin.com	2 redirects
2	twin-iq.kickfire.com	assets.adobedtm.com my.xcentricmold.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	code.jquery.com	my.xcentricmold.com
2	cdnjs.cloudflare.com	my.xcentricmold.com cdnjs.cloudflare.com
2	stackpath.bootstrapcdn.com	my.xcentricmold.com
2	info.xcentricmold.com	1 redirects
1	ads.yahoo.com
1	connect.facebook.net	d.adroll.com
1	pixel.rubiconproject.com
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	d.adroll.mgr.consensu.org	1 redirects
1	track.hubspot.com
1	i.simpli.fi	tag.simpli.fi
1	api.hubapi.com	js.hsadspixel.net
1	adservice.google.com	10117150.fls.doubleclick.net
1	www.rumiview.com	info.xcentricmold.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	my.xcentricmold.com
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	tag.simpli.fi	www.googletagmanager.com
1	cdn.taboola.com	info.xcentricmold.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	my.xcentricmold.com
1	track.gaconnector.com	my.xcentricmold.com
1	js.hs-scripts.com	my.xcentricmold.com
1	www.xcentricmold.com	my.xcentricmold.com
1	cdn.jsdelivr.net	my.xcentricmold.com
1	assets.adobedtm.com	my.xcentricmold.com
122	65

This site contains links to these domains. Also see Links.

Domain
www.xcentricmold.com

Subject Issuer	Validity	Valid
info.xcentricmold.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
www.xcentricmold.com R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-06` - `2021-08-05`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2020-10-30` - `2021-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
twin-iq.kickfire.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-17` - `2022-02-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2021-02-09` - `2022-03-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-11` - `2021-06-30`	2 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Frame ID: 232868892B28C510ABCDCE375D5E15CD
Requests: 117 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 6C1B4531C95A0CAF7367B2F88A0151AC
Requests: 1 HTTP requests in this frame

Frame: https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Frame ID: 1AFE35D0F2FB860BF3C41832FDF36375
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04 Page URL
https://info.xcentricmold.com/events/public/v1/track/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXp... HTTP 307
https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=1... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

122
Requests

100 %
HTTPS

47 %
IPv6

50
Domains

65
Subdomains

58
IPs

6
Countries

2092 kB
Transfer

6849 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xcentricmold.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04 Page URL
https://info.xcentricmold.com/events/public/v1/track/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04?_ud=a6e7c2d9-1a50-4e96-a101-1863f79e8354&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1230514%26time%3D1621434318081%26url%3Dhttps%253A%252F%252Fmy.xcentricmold.com%252Fquote.php%253Futm_source%253Dhs_email%2526utm_medium%253Demail%2526utm_content%253D127987300%2526_hsmi%253D127987300%2526_hsenc%253Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%2523%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&liSync=true&e_ipv6=AQLE1w3Wbt2kwwAAAXmFBD8AeZFA_Lib08UngXW4pB1ITrCdvRZzAQePB2lfGcDwfxsoSI8C

Request Chain 75

https://10117150.fls.doubleclick.net/activityi;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8 HTTP 302
https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8

Request Chain 81

https://s.adroll.com/j/exp/HVGJFLP3UFFGVOCJHA63RP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 83

https://d.adroll.mgr.consensu.org/consent/iabcheck/HVGJFLP3UFFGVOCJHA63RP?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2 HTTP 302
https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2

Request Chain 84

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=938B2477F90E40AC91DA123EF9A5995B

Request Chain 85

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B

Request Chain 86

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://d.agkn.com/pixel/10751/?che=1621434319&ip=212.102.36.146&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164920503791000625538 HTTP 302
https://um.simpli.fi/aa_px?sk=164920503791000625538

Request Chain 88

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=938B2477F90E40AC91DA123EF9A5995B

Request Chain 91

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=938B2477F90E40AC91DA123EF9A5995B;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=938B2477F90E40AC91DA123EF9A5995B;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8322311711458348006

Request Chain 92

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=938B2477F90E40AC91DA123EF9A5995B&j=0

Request Chain 94

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=938B2477F90E40AC91DA123EF9A5995B

Request Chain 95

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=938B2477F90E40AC91DA123EF9A5995B

Request Chain 96

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B

Request Chain 97

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B&dnr=1

Request Chain 98

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=938B2477F90E40AC91DA123EF9A5995B

Request Chain 99

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1621434319565&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zx-lYIK0JcPG7_UP6PW54Ag&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zx-lYIK0JcPG7_UP6PW54Ag&random=810366579 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zx-lYIK0JcPG7_UP6PW54Ag&random=810366579&ipr=y

Request Chain 100

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B&__user_check__=1&sync_id=0a187af9-b8ae-11eb-928d-152b84bd0306

Request Chain 101

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=938B2477F90E40AC91DA123EF9A5995B HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D938B2477F90E40AC91DA123EF9A5995B

Request Chain 102

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=938B2477F90E40AC91DA123EF9A5995B&expires=365

Request Chain 103

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=938B2477F90E40AC91DA123EF9A5995B

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEEQ8KM-EQCfhFHhxEpyGxko&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=938B2477F90E40AC91DA123EF9A5995B HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 109

https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&pv=12924806026.224588&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js

Request Chain 115

https://d.adroll.com/cm/r/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 116

https://d.adroll.com/cm/b/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ

Request Chain 117

https://d.adroll.com/cm/x/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ

Request Chain 118

https://d.adroll.com/cm/l/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=e93235772e6df896521081b60ba05bc4

Request Chain 119

https://d.adroll.com/cm/o/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e93235772e6df896521081b60ba05bc4

Request Chain 120

https://d.adroll.com/cm/g/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=6TI1dy5t-JZSEIG2C6BbxA HTTP 302
https://d.adroll.com/cm/g/in

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04 Show response
info.xcentricmold.com/e2t/sc2/ 8 KB
3 KB 179ms
123ms Document
text/html 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c1691cb14259f9025be818b1e243b3f9ad3631c0973b727b6807915b55a71

Request headers

:method: GET
:authority: info.xcentricmold.com
:scheme: https
:path: /e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:16 GMT
content-type: text/html;charset=utf-8
cf-ray: 651dfe5c9f96cc42-ZRH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a269d4de40000cc42250aa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: cd0a222a-86bf-4d8c-9b84-1bcfe49f84b2
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ILUIFH6p80WjwXZCM3wYIQaN6F2QWcSGxd%2FNL1BCSOTAIkYwXMttDq3c6zlHcTHiMS9Lh6yU%2B43Ky2AK4yTGaWCcOa9F9PIJ2ws2yxbGYOV7fsDOohc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=862b81d260f20b2b7ed55c1c364ef6e7b4dd6680-1621434316; path=/; domain=.info.xcentricmold.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request quote.php Show response
my.xcentricmold.com/
Redirect Chain

https://info.xcentricmold.com/events/public/v1/track/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04?_ud=a6e7c2d9-1a50-4e96-a101-1863f79e8354&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p
https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDE...

11 KB
5 KB

436ms
405ms

Document
text/html

2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8

Requested by

Host: info.xcentricmold.com
URL: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.5.9-1ubuntu4.29

Resource Hash

88e30c6482762921accebf555b8468cefb43a545e3365981ea6a53cc9a95dc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:method: GET
:authority: my.xcentricmold.com
:scheme: https
:path: /quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-powered-by: PHP/5.5.9-1ubuntu4.29
set-cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0a269d5005000005bfbb90d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 651dfe600f0705bf-FRA
content-encoding: gzip

Redirect headers

date: Wed, 19 May 2021 14:25:16 GMT
location: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8#/
cf-ray: 651dfe5d7951cc42-ZRH
link: <https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8#/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a269d4e680000cc42250bc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: f9db9748-1b61-4697-9950-527146b1f408
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8EmvE1iEj3dCHoRnthXfjY6xlgGH0N0jLGm2iMKfWwLJTe4%2FarNwQajoe4QZr9F3gMqZSGlAmd2H8tBV7YmIZa4pFpNBVs%2BIqcUcaefaprVqizvsUYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.97aa265a.css
my.xcentricmold.com/css/ 11 KB
3 KB 12ms
11ms Stylesheet
text/css 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/app.97aa265a.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5310396b2c75064cc2d201930de5e4553f8ecee6b12dd5f588e58a905989b304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /css/app.97aa265a.css
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248790
content-length: 2754
cf-request-id: 0a269d51a1000005bffb004000000001
last-modified: Fri, 26 Feb 2021 18:14:05 GMT
server: cloudflare
etag: "2b20-5bc413bc51819-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe629e5d05bf-FRA
expires: Tue, 15 Jun 2021 17:18:47 GMT

GET
H2 200 chunk-vendors.4f80b3ce.css
my.xcentricmold.com/css/ 253 KB
34 KB 16ms
16ms Stylesheet
text/css 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/chunk-vendors.4f80b3ce.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5789c10147e1c2f98d13a90e691b49540e94f3ab314594beeeddbb51f17cc8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /css/chunk-vendors.4f80b3ce.css
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248790
content-length: 35041
cf-request-id: 0a269d51a2000005bfdc16f000000001
last-modified: Fri, 26 Feb 2021 18:14:05 GMT
server: cloudflare
etag: "3f26e-5bc413bcde21f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe629e6005bf-FRA
expires: Tue, 15 Jun 2021 17:18:47 GMT

GET
H2 200 app.f077827f.js Show response
my.xcentricmold.com/js/ 447 KB
88 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/app.f077827f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ce5504d79b0b75e6b0966df89777730d09839d1795c2a9f40240f7d64459af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/app.f077827f.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 18:14:10 GMT
server: cloudflare
age: 248790
etag: "6fbd5-5bc413c174f32-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 651dfe629e6205bf-FRA
cf-request-id: 0a269d51a2000005bfc9a0d000000001
expires: Sat, 14 Aug 2021 17:18:47 GMT

GET
H2 200 chunk-vendors.22e1a159.js Show response
my.xcentricmold.com/js/ 2 MB
544 KB 33ms
32ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/chunk-vendors.22e1a159.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd1d14a92a8831b1f6e34a51690dae7fe6ffb875701a19a5d4f979409b672690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/chunk-vendors.22e1a159.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 18:14:12 GMT
server: cloudflare
age: 248790
etag: "1ca2dd-5bc413c39004a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 651dfe629e6505bf-FRA
cf-request-id: 0a269d51a2000005bf0981d000000001
expires: Sat, 14 Aug 2021 17:18:47 GMT

GET
H2 200 launch-513a6858baea.min.js Show response
assets.adobedtm.com/175f7caa2b90/9c890159ef9e/ 60 KB
18 KB 22ms
5ms Script
application/x-javascript 2a02:26f0:6c00:2b8::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b8::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 70b6c4af67b324cebae064a53a2e662ee4168295bc8c3c91036598d7bd6c7e80

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 14:43:54 GMT
server: AkamaiNetStorage
etag: "38f1ef784951222c4e5f8cab3ab8233b:1602254634.153646"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://my.xcentricmold.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18425
expires: Wed, 19 May 2021 15:25:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 35ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2746449-2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4013879faa4198826074d21f09ff1c414a1646d4281ef7a71d9581cc13e5545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35728
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:17 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
21 KB 40ms
24ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 4987071
cdn-cachedat: 2021-03-11 11:57:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a269d51b300000ebba682a000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dcdee09e0424662ab2f23fa5a2fdac32
cf-ray: 651dfe62bbfb0ebb-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 18ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2318304
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 0a269d51a40000324cb416b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iJouNTYvnFRfykqSXkCxdCMQ6bCCN8%2B63fSzo8d15hv899JHMTgLfoBE%2Bojr1yxO9dXwxdfViV0n91DBfaFDpbdPE6JHsRLkEmoUL4wB4z%2BPSAwlVocX15QD7IA%2B8LAdiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 651dfe62af2e324c-FRA
expires: Mon, 09 May 2022 14:25:17 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 28ms
8ms Stylesheet
text/css 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-8c85"
vary: Accept-Encoding
x-hw: 1621434317.dop161.fr8.t,1621434317.cds232.fr8.hc,1621434317.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/ 15 KB
2 KB 9ms
6ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/select2.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3500504
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1994
etag: W/"3a76-rlc1Vi+qvRotmAO7179MUCteT1E"
x-served-by: cache-fra19156-FRA, cache-hhn4033-HHN
date: Wed, 19 May 2021 14:25:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
my.xcentricmold.com/xcentric-css/ 35 KB
6 KB 24ms
21ms Stylesheet
text/css 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-css/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2839b46c20c66edda55dd2a9afdaba6116e89e82ff3ba4f063eff1718bd251c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-css/style.css
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 74117
content-length: 6064
cf-request-id: 0a269d51a5000005bff6810000000001
last-modified: Thu, 30 Jul 2020 15:18:43 GMT
server: cloudflare
etag: "8ac3-5abaa3017c754-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe62ae6e05bf-FRA
expires: Thu, 17 Jun 2021 17:50:00 GMT

GET
H2 200 dropzone.css
my.xcentricmold.com/xcentric-css/ 12 KB
2 KB 31ms
29ms Stylesheet
text/css 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-css/dropzone.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd213e433d91bc86b980e1d2352e743144d3cd100e611100e7e0ce98c3453d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-css/dropzone.css
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 74117
content-length: 1795
cf-request-id: 0a269d51a5000005bfec9a2000000001
last-modified: Thu, 30 Jul 2020 15:18:37 GMT
server: cloudflare
etag: "31ec-5abaa2fc6cbe9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe62ae7205bf-FRA
expires: Thu, 17 Jun 2021 17:50:00 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
my.xcentricmold.com/xcentric-js/ 86 KB
30 KB 38ms
36ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/jquery-3.4.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-js/jquery-3.4.1.min.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248790
content-length: 30597
cf-request-id: 0a269d51a5000005bfae9a9000000001
last-modified: Thu, 30 Jul 2020 15:18:48 GMT
server: cloudflare
etag: "15850-5abaa306a2a12-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe62ae7305bf-FRA
expires: Sat, 14 Aug 2021 17:18:47 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 28ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-7f20a"
vary: Accept-Encoding
x-hw: 1621434317.dop161.fr8.t,1621434317.cds232.fr8.hc,1621434317.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 36ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 4987416
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a269d51b400000ebb9304d000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8da1ce295248c6a4ae36ffa7725f4510
cf-ray: 651dfe62bbfc0ebb-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom.js Show response
my.xcentricmold.com/xcentric-js/ 1 KB
685 B 22ms
20ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/custom.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd36a140799c0addac5cb2b2787a416d0af8769790b0be7d303898c4416fd800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-js/custom.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 74117
content-length: 524
cf-request-id: 0a269d51a6000005bfa3205000000001
last-modified: Thu, 30 Jul 2020 15:18:47 GMT
server: cloudflare
etag: "473-5abaa306008b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe62ae7605bf-FRA
expires: Mon, 16 Aug 2021 17:50:00 GMT

GET
H2 200 dropzone.min.js Show response
my.xcentricmold.com/xcentric-js/ 47 KB
13 KB 16ms
14ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/dropzone.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-js/dropzone.min.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248790
content-length: 13569
cf-request-id: 0a269d51a6000005bfe90ee000000001
last-modified: Thu, 30 Jul 2020 15:18:48 GMT
server: cloudflare
etag: "bc15-5abaa306586bd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe62ae7805bf-FRA
expires: Sat, 14 Aug 2021 17:18:47 GMT

GET
H2 200 cc1f455218.js Show response
use.fontawesome.com/ 9 KB
4 KB 72ms
23ms Script
text/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cc1f455218.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a14de730c9ef0042af2d62f509232c21d50c26f3f15b37c13245775c8b66fddf

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Thu, 15 Aug 2019 20:18:54 GMT
server: NetDNA-cache/2.2
x-amz-request-id: ZRB71J48F1AWEZTF
etag: W/"72d2b4f5f035440c8607c755c84661eb"
x-cache: HIT
content-type: text/javascript
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: n4qi2KrUfwqztRl30KukRdlPg6ieblCepwlCuFKCxcf+7gfWbfXhA9OAHtJqDiZ8cQ86vS5I8/E=

GET
H2 200 logo.png
www.xcentricmold.com/wp-content/uploads/2020/02/ 7 KB
7 KB 421ms
138ms Image
image/png 69.16.192.79
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xcentricmold.com/wp-content/uploads/2020/02/logo.png
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.192.79 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.varchannelmarketing.com
Software: Apache/2.4.46 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: c0ad438be933312363a10b5de50018c8f1a398b833857c217b00eeac9f562cd2

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
last-modified: Wed, 05 Feb 2020 11:58:48 GMT
server: Apache/2.4.46 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 6976
expires: Thu, 16 Sep 2021 14:25:17 GMT

GET
H2 200 xeogl.js Show response
my.xcentricmold.com/js/ 1 MB
189 KB 12ms
11ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/xeogl.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d40fd2c71c7a45298b0dbb1afdb0c0143de83f6619625eb22950f500627764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/xeogl.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 18:14:17 GMT
server: cloudflare
age: 74116
etag: "1295b0-5bc413c7d1dfa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 651dfe63381505bf-FRA
cf-request-id: 0a269d5203000005bfd7ab4000000001
expires: Mon, 16 Aug 2021 17:50:01 GMT

GET
H2 200 glTFModel.js Show response
my.xcentricmold.com/js/ 63 KB
12 KB 10ms
10ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/glTFModel.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4236ee2bb45d537519d85737b4ae332cf8182a36686144e110ef6d18b702659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/glTFModel.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248789
content-length: 11747
cf-request-id: 0a269d5203000005bfa320f000000001
last-modified: Fri, 26 Feb 2021 18:14:14 GMT
server: cloudflare
etag: "fb4f-5bc413c52451c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe63381805bf-FRA
expires: Sat, 14 Aug 2021 17:18:48 GMT

GET
H2 200 axisHelper.js Show response
my.xcentricmold.com/js/ 10 KB
2 KB 19ms
14ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/axisHelper.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d630bbe7973e178d37c77da1a8252d1599867b390fc2b9d4dab35ea93e48c61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/axisHelper.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248789
content-length: 2011
cf-request-id: 0a269d520d000005bf0ead6000000001
last-modified: Fri, 26 Feb 2021 18:14:11 GMT
server: cloudflare
etag: "27f4-5bc413c22e7fa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe63483705bf-FRA
expires: Sat, 14 Aug 2021 17:18:48 GMT

GET
H2 200 aabbHelper.js Show response
my.xcentricmold.com/js/ 2 KB
999 B 17ms
12ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/aabbHelper.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa5664e8f4b3930099bde87b1dfa0a122f12cc98ca2b541b315f03e48f90c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/aabbHelper.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248789
content-length: 828
cf-request-id: 0a269d520d000005bf9f0cf000000001
last-modified: Fri, 26 Feb 2021 18:14:11 GMT
server: cloudflare
etag: "8fa-5bc413c209639-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe63483a05bf-FRA
expires: Sat, 14 Aug 2021 17:18:48 GMT

GET
H2 200 vectorTextGeometry.js Show response
my.xcentricmold.com/js/ 47 KB
4 KB 25ms
21ms Script
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/vectorTextGeometry.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb0576b8242d1af9c686479e912f199022b4eb97440bb7e557725d864fb437f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/vectorTextGeometry.js
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248789
content-length: 4409
cf-request-id: 0a269d520e000005bfa8819000000001
last-modified: Fri, 26 Feb 2021 18:14:16 GMT
server: cloudflare
etag: "bc65-5bc413c69e40c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe63483d05bf-FRA
expires: Sat, 14 Aug 2021 17:18:48 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
16 KB 43ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

325fe3b5a9d659efe33a7c3b6efd4a361bf4823895d49f81bf9aaa893f6b35a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16634
x-xss-protection: 0
server: cafe
etag: 4412582579092058430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 May 2021 14:25:17 GMT

GET
H2 200 5260542.js Show response
js.hs-scripts.com/ 2 KB
738 B 399ms
395ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5260542.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34da68f0c68e9bb39a158890b2e5d92609c644244318a0a3b3210884608ff0cf

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 2b0d952a-8f7a-4887-8bbf-b4e9faf241aa
cf-request-id: 0a269d520f00002b35d0a68000000001
server: cloudflare
x-trace: 2B058A8BA3EB0ABF334936FA7EA05B5E129E1B811D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://my.xcentricmold.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 651dfe634c782b35-FRA
expires: Wed, 19 May 2021 14:26:17 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ 8 KB
3 KB 342ms
114ms Script
text/plain 34.197.34.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.34.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-34-29.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 3080
expires: Wed, 19 May 2021 15:25:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
54 KB 37ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed6ec57ad1150f2db996101a4d46881cf80edbde731683fff1824aff5e26a618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55401
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:17 GMT

GET
H2 200 hotjar-891230.js Show response
static.hotjar.com/c/ 4 KB
2 KB 103ms
59ms Script
application/javascript 13.224.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-891230.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-81.zrh50.r.cloudfront.net

Software

Resource Hash

e77b8f6ef1c7997655ae2f3fad1300d3fcf663d8a6fbb7eb28a78e4432fda540

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/297a776c67d1ace1754695a2e46cc2f5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1878
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-id: g_IHs4kCLqLA1uyANzudZD70IAhQkYeDRvm8o3rHuAhnWQGtIFekIw==

GET
H2 200 chunk-52aadb39.2be1aec3.css
my.xcentricmold.com/css/ 0
263 B 24ms
19ms Other
text/css 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/chunk-52aadb39.2be1aec3.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
:path: /css/chunk-52aadb39.2be1aec3.css
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 248789
content-length: 102
cf-request-id: 0a269d5212000005bfd61c5000000001
last-modified: Fri, 26 Feb 2021 18:14:05 GMT
server: cloudflare
etag: "61-5bc413bc8737b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe63584c05bf-FRA
expires: Tue, 15 Jun 2021 17:18:48 GMT

GET
H2 200 chunk-52aadb39.cf890450.js
my.xcentricmold.com/js/ 0
143 KB 18ms
13ms Other
application/javascript 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/chunk-52aadb39.cf890450.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
:path: /js/chunk-52aadb39.cf890450.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 18:14:11 GMT
server: cloudflare
age: 74116
etag: "90575-5bc413c270e7d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 651dfe63584e05bf-FRA
cf-request-id: 0a269d5213000005bfb1253000000001
expires: Mon, 16 Aug 2021 17:50:01 GMT

GET
H3-29 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 30ms
19ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://my.xcentricmold.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1786717
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 0a269d5214000005fd3c9ca000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g3EpO4lrmBi7cVodmNB7GKpssOczKsxk5ESrcr72efjh3owFUPbiuBxyAYFxwm%2BWIcBM0x9ZpygYcmtECfYBkH0H3coU49VnOusklF0sCjtDWyygE6T3ezWAHYWZt5pUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 651dfe635fa205fd-FRA
expires: Mon, 09 May 2022 14:25:17 GMT

GET
H2 200 cc1f455218.css
use.fontawesome.com/ 1 KB
686 B 27ms
22ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cc1f455218.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cc1f455218.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0dfaf3831bf0dc1d82ceb28545afb555ee1fcc71ce40ca70e54aa3d960cbd4d6

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Thu, 15 Aug 2019 20:18:54 GMT
server: NetDNA-cache/2.2
x-amz-request-id: JBW2TE6K8CVRHRYJ
etag: W/"359d7543d04fd976e44c28ac02e1f5a7"
x-cache: HIT
content-type: text/css
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: PgQLys9i2vtk15Py7/bLpy4QbQm6donEUC0SuKkGp+WziFmBLcACAUcaDybsYyZGLQANGk9Cjxc=

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
8 KB 26ms
24ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cc1f455218.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/cc1f455218.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2016 17:21:58 GMT
server: NetDNA-cache/2.2
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

OPTIONS
H2 200 getToken
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ Frame 0
0 358ms
304ms Preflight
application/json 13.224.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/getToken
Protocol: H2
Server: 13.224.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-14.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://my.xcentricmold.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 19 May 2021 14:25:17 GMT
x-amzn-requestid: 0b694275-a466-4359-8d61-6556ed99b423
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: flHoMFcnoAMF63w=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Aj-EJbJV6WYnkU30kTgMxD6Rc6D1rGSePVt5nN5maRuqzDYOQbOTwA==

GET
H2 200 Icons_Settings.svg
my.xcentricmold.com/xcentric-images/ 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/xcentric-images/Icons_Settings.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56578760cd77e5a75b0b96fa67d3ff7fae09959c2e44adf892f0d6eaf23ce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-images/Icons_Settings.svg
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 74113
content-length: 894
cf-request-id: 0a269d5376000005bfaca43000000001
last-modified: Thu, 30 Jul 2020 15:18:46 GMT
server: cloudflare
etag: "71c-5abaa3047035b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fb705bf-FRA
expires: Thu, 17 Jun 2021 17:50:04 GMT

GET
H2 200 logo_confirm.png
my.xcentricmold.com/xcentric-images/ 20 KB
20 KB 23ms
22ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/xcentric-images/logo_confirm.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b632b5f4d8ed2f2cc98c3b520e3de4fd34c3077dd7299192c573267ec319acfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /xcentric-images/logo_confirm.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 74113
content-length: 20210
cf-request-id: 0a269d537a000005bfc9a5b000000001
last-modified: Thu, 30 Jul 2020 15:18:47 GMT
server: cloudflare
etag: "4ef2-5abaa3052f96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fba05bf-FRA
expires: Wed, 18 May 2022 17:50:04 GMT

GET
H2 200 injection_mold.png
my.xcentricmold.com/imgs/ 9 KB
10 KB 31ms
30ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/injection_mold.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5da64f1d0c705b7da038b311e984e6c81b35a48836e7034d97a15d3a48ef6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /imgs/injection_mold.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 74113
content-length: 9630
cf-request-id: 0a269d537d000005bfbb97d000000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "259e-5aba9b11d0f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fbb05bf-FRA
expires: Wed, 18 May 2022 17:50:04 GMT

GET
H2 200 overmolding.png
my.xcentricmold.com/imgs/ 9 KB
10 KB 20ms
19ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/overmolding.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81bdae18fbd87f036bf0eb41b79eb8c29ed940b557f2bc27a8923ca3bcf7a850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /imgs/overmolding.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 74113
content-length: 9553
cf-request-id: 0a269d5377000005bfeda57000000001
last-modified: Thu, 30 Jul 2020 14:43:13 GMT
server: cloudflare
etag: "2551-5aba9b11f7067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fbc05bf-FRA
expires: Wed, 18 May 2022 17:50:04 GMT

GET
H2 200 cncmachining.png
my.xcentricmold.com/imgs/ 13 KB
13 KB 39ms
39ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/cncmachining.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb69546ce0ce193c0ace2243e3527d1cecab8bd81932f194f66625ffb9c951bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /imgs/cncmachining.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 74113
content-length: 13306
cf-request-id: 0a269d537f000005bfd7aea000000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "33fa-5aba9b115fadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fbd05bf-FRA
expires: Wed, 18 May 2022 17:50:04 GMT

GET
H2 200 3Dprinting.png
my.xcentricmold.com/imgs/ 12 KB
12 KB 24ms
24ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/3Dprinting.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9a7539ab9fb15ff60587736783a44002eba0ac372129f8190582ec2182d1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /imgs/3Dprinting.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 74113
content-length: 12602
cf-request-id: 0a269d537c000005bfeda58000000001
last-modified: Thu, 30 Jul 2020 14:43:11 GMT
server: cloudflare
etag: "313a-5aba9b10a52ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fc705bf-FRA
expires: Wed, 18 May 2022 17:50:04 GMT

GET
H2 200 casturetahne.png
my.xcentricmold.com/imgs/ 11 KB
11 KB 27ms
26ms Image
image/png 2606:4700:10::6816:21b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/casturetahne.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11ba9ed4c5e901324ceeca0ebc8d4cd4f074159c97c1055eeb5c8213dbaad7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /imgs/casturetahne.png
pragma: no-cache
cookie: PHPSESSID=a81l381oteld7vj5p8ne8dph50
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: my.xcentricmold.com
referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 420
content-length: 10916
cf-request-id: 0a269d537c000005bf1d9fe000000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "2aa4-5aba9b11147eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 651dfe658fc805bf-FRA
expires: Thu, 19 May 2022 14:18:17 GMT

POST
H2 200 getToken Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ 202 B
818 B 330ms
330ms XHR
application/json 13.224.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/getToken
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.22e1a159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-14.zrh50.r.cloudfront.net
Software: / Express
Resource Hash: ace514a772b5329fd47921d1b51dc15e135ddb0e875ec23e5e6e4353074fa8a8

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 202
x-amzn-remapped-date: Wed, 19 May 2021 14:25:18 GMT
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: flHoPHJ_IAMF6aA=
content-length: 202
x-amzn-requestid: 69af4778-a860-4a69-b553-208a5701d570
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amzn-remapped-server: Apache/2.4.29 (Ubuntu)
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
x-amz-cf-id: RmhUgo1WhSr0kjByn6r1M6v1TTphIAKckNSzrjjfK0QEAb2A1b1yjg==
x-amzn-remapped-connection: Keep-Alive

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
33 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10117150

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1216c4816813f463350121f60b0f0d273ac5348cc9c7f0bb328749dc837fb954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33295
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:17 GMT

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 85ms
35ms Font
application/font-woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cc1f455218.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://my.xcentricmold.com
Referer: https://use.fontawesome.com/cc1f455218.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
last-modified: Mon, 17 Jul 2017 16:24:59 GMT
server: NetDNA-cache/2.2
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 77160

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/?random=1621434317920&cv=9&fst=1621434317920&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

818fb9da7d59e3f1710553cd401a617e0a44a3d65653a5532965c249898f7460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 52ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: 294C48C5D3FF4E44B42F4F137A9814C2 Ref B: FRAEDGE1306 Ref C: 2021-05-19T14:25:17Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2746449-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3321
date: Wed, 19 May 2021 13:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 19 May 2021 15:29:56 GMT

GET
H2 200 modules.0fd8b750824023792fba.js Show response
script.hotjar.com/ 220 KB
58 KB 62ms
23ms Script
application/javascript 13.224.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0fd8b750824023792fba.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-891230.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-46.zrh50.r.cloudfront.net

Software

Resource Hash

65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 629293
x-cache: Hit from cloudfront
content-length: 59191
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 07:37:04 GMT
etag: "cd11ca1a90eced753504203f173db976"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: oW0SXyry9Ny7g892_4GEsaOBqGtpUj1DaDNOz2g6qG7rcyjB-q68_Q==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46716
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1185545/ 65 KB
22 KB 174ms
127ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Requested by: Host: info.xcentricmold.com
URL: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54f0c4a81ee2f3e6a0266117fa56ac989ed6ac71a824ec2a3a2fe78509ba039b

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Yslb70yJck63__IS1gNqytbno48.H6bz
content-encoding: gzip
etag: "2d4045167d87a1af15a83df9c9c15f05"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 22295
x-amz-id-2: RpdLSFFv4rEWQlvUryO+DOD3OMXPWigY9PrIv0THbbt3uKuN4AQtHXw7rndU2iAjYbgORUBv21Y=
x-served-by: cache-hhn11542-HHN
last-modified: Tue, 04 May 2021 16:20:32 GMT
server: AmazonS3
x-timer: S1621434318.035656,VS0,VE105
date: Wed, 19 May 2021 14:25:18 GMT
vary: Accept-Encoding
x-amz-request-id: NZPJ074AH5CWTZWS
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 26
x-cache-hits: 1

GET
H2 200 3f2d61e0-c13e-0137-5c6b-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 82ms
26ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/3f2d61e0-c13e-0137-5c6b-06659b33d47c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

539e15791a15a8fc597095354306dc229c1fd1b0270f3135a674b3e1f3421805

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FoB96-l1dqWV7PgD6KKD
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5260542.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2305414c9bf43fa92261bef6e29c905907a74dac72bd4db0bc7c0564c2a1cf

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
via: 1.1 91541e88a15c80bced2ffb950f407c1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 519
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.236/bundles/pixels-release.js&cfRay=651df1b57cb3d6f1-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a269d54a800004de28b1e3000000001
last-modified: Wed, 19 May 2021 01:36:15 UTC
server: cloudflare
etag: W/"9bf4a7e463a03f7ef4d23adef96f0eb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 7qr9esS2QpE6nCtS.kIl1u2Oe.WmUioR
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 651dfe676c064de2-FRA
x-amz-cf-id: YKglHGM-tjLP-zNrtWKeTVgBCCRJe6ysz10pIrSMMpClEJsHy5l1xg==
x-hs-target-asset: adsscriptloaderstatic/static-1.236/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
19 KB 26ms
25ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5260542.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3122ef66ff9e6b4de9cfaeb484881af52bded234f8bed33643f515e68f33ceff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
via: 1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 398
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8820/bundles/project.js&cfRay=651df4aa196dd729-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a269d54a200004e321db35000000001
last-modified: Mon, 17 May 2021 06:57:52 UTC
server: cloudflare
etag: W/"b373692eef1fee419577ad498aa96201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cU6W2PpqfOpO_F40uZh.c4AX9rZjXHrX
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
cf-ray: 651dfe676f324e32-FRA
x-amz-cf-id: ocQln4MXaji_qGLuLz0ULxVETWJyj-dzH0XK29tXO3oKMdbUEsOQqQ==
x-hs-target-asset: conversations-embed/static-1.8820/bundles/project.js

GET
H2 200 5260542.js Show response
js.hs-banner.com/ 59 KB
14 KB 23ms
23ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5260542.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5260542.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814f277da0aadf11f156f72dd16e194c30ce034e3c5ee85e2303bd4314750a7

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 26
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 5Q8XJ9J8PDHDYZV9
x-amz-id-2: OdZBpqw9CQ6faT8dv477PBCi62vWqEHl+ZeT7L2PPdMNOqmMtNTvpXAwJONZt9+UeKVRwmnxoKQ=
timing-allow-origin: *
last-modified: Wed, 12 May 2021 19:45:13 GMT
server: cloudflare
etag: W/"84f5af0d0f91fa6608536bedc9b49bc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: xcrKD55Em08A3MMbo4aKoneLZphwi0dH
access-control-allow-origin: https://www.xcentricmold.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0a269d54a30000dfe32aa7f000000001
cf-ray: 651dfe676bfddfe3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 19 May 2021 14:29:51 GMT

GET
H2 200 5260542.js Show response
js.hs-analytics.net/analytics/1621434300000/ 62 KB
18 KB 726ms
725ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1621434300000/5260542.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5260542.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ead3485b4907f1f177c0f9f0dcce861401b01b0c31a590ee4de645fdba10f06

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 6TCKR0NB92CBDK2R
x-amz-server-side-encryption: AES256
cf-ray: 651dfe6769bc05ed-FRA
x-amz-id-2: WZPEYUj9q2Jk4cLJxR7SGRPpVwNpP1EwEaCnrPGxq1JGsJXO/NoO9g5zpH4HrnJ2TDuHnPguKbE=
last-modified: Wed, 12 May 2021 19:51:23 GMT
server: cloudflare
etag: W/"88111e403d431b8750094aa8f2f1753c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0a269d54a3000005ed29ab5000000001
content-type: text/javascript
expires: Wed, 19 May 2021 14:30:18 GMT

GET
H/1.1 200
OK twin.js Show response
twin-iq.kickfire.com/ 423 B
643 B 669ms
166ms Script
text/javascript 209.128.119.223
BAYAREA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://twin-iq.kickfire.com/twin.js?14192

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.128.119.223 , United States, ASN7151 (BAYAREA-AS, US),

Reverse DNS

209-128-119-223.bayarea.net

Software

Apache /

Resource Hash

0c105bd80cead6e558f7767a26457c0a031384fa4348787c7611e6004cab7fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 17:22:01 GMT
Server: Apache
ETag: "280029-1a7-593dc97244982"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 287

GET
H2 200 /
www.google.com/pagead/1p-user-list/1052707430/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052707430/?random=1621434317920&cv=9&fst=1621432800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&fmt=3&is_vtc=1&random=4186518076&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1052707430/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052707430/?random=1621434317920&cv=9&fst=1621432800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&fmt=3&is_vtc=1&random=4186518076&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4021665 Show response
bat.bing.com/p/action/ 0
127 B 30ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4021665
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 May 2021 14:25:17 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 5FC28CE23DD546749E4C68CC828379B1 Ref B: FRAEDGE1306 Ref C: 2021-05-19T14:25:18Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4021665&Ver=2&mid=1dc440f5-e6ef-421a-b687-d1ada73d2946&sid=0905b120b8ae11eba486db88e75228b4&vid=09061ba0b8ae11eb9bc1fdff9f8b3145&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&kw=injection%20molding,injection%20mold,%20plastic%20injection%20mold,%20plastic%20injection%20molding,%20injection%20molds,%20injection%20molded,%20injection%20molding%20parts,%20injection%20molded%20parts,%20injection%20molding%20companies,%20injection%20molding%20company,%20plastic%20manufacturing%20companies,%20plastic%20manufacturing%20company,%20plastic%20injection%20molds&p=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&r=&lt=1552&evt=pageLoad&msclkid=N&sv=1&rn=487446
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 May 2021 14:25:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 12562046858A43D2A44D0C6820FE3657 Ref B: FRAEDGE1306 Ref C: 2021-05-19T14:25:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=832649288&t=pageview&_s=1&dl=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&ul=en-us&de=UTF-8&dt=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUADQAAAAC~&jid=1460141131&gjid=340895974&cid=1433003534.1621434318&tid=UA-2746449-2&_gid=1084548826.1621434318&_r=1&gtm=2ou5c1&z=876678742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TFR3JRM&t=gtm8&cid=1433003534.1621434318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b196417f94a41b0fe7ee471c3f47549da9fbb778b2eec25b435f14e49716b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36226
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:18 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D12798730...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1230514%26time%3D1621434318081%26url%3Dhttps%253A%252F%252Fmy.xcentricmold.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D12798730...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D1279873...

0
63 B

235ms
235ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&liSync=true&e_ipv6=AQLE1w3Wbt2kwwAAAXmFBD8AeZFA_Lib08UngXW4pB1ITrCdvRZzAQePB2lfGcDwfxsoSI8C
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: PHARFOx9gBbgfcMazyoAAA==

Redirect headers

date: Wed, 19 May 2021 14:25:18 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1621434318081&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&liSync=true&e_ipv6=AQLE1w3Wbt2kwwAAAXmFBD8AeZFA_Lib08UngXW4pB1ITrCdvRZzAQePB2lfGcDwfxsoSI8C
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: G91gCOx9gBYAYCAevioAAA==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 6C1B 1 KB
1 KB 73ms
33ms Document
text/html 13.224.95.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-891230.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-74.zrh50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.xcentricmold.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://my.xcentricmold.com/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 0bsFJCW4DyT66-0_BVZQtKXGjoTzRJtigZ41SVjvAwXemmvciGPgnA==
age: 4313686

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2746449-2&cid=1433003534.1621434318&jid=1460141131&gjid=340895974&_gid=1084548826.1621434318&_u=YEBAAUACQAAAAC~&z=188628113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 19 May 2021 14:25:18 GMT
content-type: text/plain
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 477 B
1 KB 182ms
171ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5260542&conversations-embed=static-1.8820&mobile=false&messagesUtk=862686df4eb9447797448485b6e4f31a&traceId=862686df4eb9447797448485b6e4f31a

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf240027035099f32767a6099eb4c9b5de0e0a91befdec3ec0a7b4e463d1c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8#/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://my.xcentricmold.com/

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a0741077-b6a5-4e18-9893-dee4c3e11f42
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 372
cf-request-id: 0a269d55ef00001786b2966000000001
server: cloudflare
x-trace: 2B38B04A9806112EB7480818271A5E4D7D5874ADD7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dOnfHJ4bl9HoHuDFbrpS387kKBdXUzVyEaPQCWqcDk6N2IN3EOEeuc%2FlpjLVqpG1GljHniYHPPbdTOGmcv1K4x5erWS1xU4iEmTtY%2FfeWiR31t%2FE6UkR8wutpnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 651dfe697ee41786-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 201ms
199ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://my.xcentricmold.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 651dfe683cfbc2b8-FRA
access-control-allow-origin: https://my.xcentricmold.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id: 0a269d55200000c2b82aa8e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: e17db17f-18ef-4648-b886-8e0bef7c69c0
x-trace: 2BDA4DA79563E209F591527C3DC1D99273F9AF8A1E000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4POb4yn1mYqBqCMxumKppbXsY6Z6bPCBLkfGisHV6zjSlvA9F9ghGl4Okueg%2FdlgbNoFtuew3TOUzHq2fWiwrwTnpeCHfsvpPhO4Vfo5AhK0CM8Ypj7oZmfowpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2746449-2&cid=1433003534.1621434318&jid=1460141131&_u=YEBAAUACQAAAAC~&z=700119661

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2746449-2&cid=1433003534.1621434318&jid=1460141131&_u=YEBAAUACQAAAAC~&z=700119661

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grades Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/materials/ 15 KB
16 KB 409ms
408ms XHR
application/json 13.224.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/materials/grades?token=d2373a5e3194e42bf4d39fbd860d4b272eec94a50d4a05f8d8aacd67d3f2ba24&query=materialprocessid&against=1
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.22e1a159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-14.zrh50.r.cloudfront.net
Software: /
Resource Hash: 9d271330d5211ccc08eaa45a14eecf7639b11adef90127e3807c3357ba764467

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: 75df18b1-d2ef-4242-9ec7-054091c2c10f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60a51fce-7771bb914667215c73bf40fb
x-amz-apigw-id: flHoTEgMIAMFR_w=
content-length: 15864
x-amz-cf-id: jpwHomDKz6QRCKpMM1GHfbDpXWIT1zr78x0aZN8wItAekXw5H2fyow==

GET
H2 200 gethelperids Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ 293 B
651 B 131ms
131ms XHR
application/json 13.224.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/gethelperids?token=d2373a5e3194e42bf4d39fbd860d4b272eec94a50d4a05f8d8aacd67d3f2ba24
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.22e1a159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-14.zrh50.r.cloudfront.net
Software: /
Resource Hash: 4fbf1bfa27a5eb1421fd91b08d3c7e7fa1854582d3fdb1b9ca57bd0290f79e18

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:18 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: e2831738-f316-43ec-b97f-8757b4da2bdf
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60a51fce-121af87c1003cb0e32c71c18
x-amz-apigw-id: flHoRHzMIAMFyPg=
content-length: 293
x-amz-cf-id: roG2CuMMAjV04qB2KC0aFwoIWciRxcMyC3bhlxMRzX6e4JpTT3ia-w==

GET
H/1.1 200
OK twin.php
twin-iq.kickfire.com/ 95 B
426 B 510ms
178ms Image
image/png 209.128.119.223
BAYAREA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twin-iq.kickfire.com/twin.php?TWIQ=14192&kftwiqpg=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&Hst=my.xcentricmold.com&r=0.6885576760429906

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.128.119.223 , United States, ASN7151 (BAYAREA-AS, US),

Reverse DNS

209-128-119-223.bayarea.net

Software

Apache /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: IMAGE/PNG
Content-Length: 102

GET
H/1.1 200
OK aef324fb-06b8-4fe5-90da-80e93280efa3.js Show response
www.rumiview.com/containers/ 208 KB
58 KB 556ms
145ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/aef324fb-06b8-4fe5-90da-80e93280efa3.js
Requested by: Host: info.xcentricmold.com
URL: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: /
Resource Hash: 7944400c467fbe25387f66c69e72ebcd43998f9248aa1463ad9f2e3b1b01956c

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Cookie
cache-control: public, must-revalidate, max-age=360
x-robots-tag: none
transfer-encoding: chunked
content-type: application/javascript; charset=utf-8

GET
H3-29

200

activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_s... Show response
10117150.fls.doubleclick.net/ Frame 1AFE
Redirect Chain

https://10117150.fls.doubleclick.net/activityi;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Fut...
https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy...

629 B
521 B

42ms
41ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10117150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

7bb4ff40618ead503819d1161658ec1da99167cd0d4dbb9584bd2236f240129c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10117150.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.xcentricmold.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 May 2021 14:25:18 GMT
expires: Wed, 19 May 2021 14:25:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 496
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQJgBNZDR2K_B4lwb6DGZgrBrOZhBqVq9eJIajfDNADqeOlDHdBjZWcFC1e7s; expires=Mon, 13-Jun-2022 14:25:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 May 2021 14:25:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=*;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%...
adservice.google.com/ddm/fls/z/ Frame 1AFE 42 B
118 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=*;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8

Requested by

Host: 10117150.fls.doubleclick.net
URL: https://10117150.fls.doubleclick.net/activityi;dc_pre=CM-E4sT51fACFY2D1QodUqoJGQ;src=10117150;type=siter0;cat=siter0;ord=5659577415668;gtm=2od5c1;auiddc=1887672899.1621434318;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10117150.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 133 B
950 B 198ms
139ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5260542

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b895a080d3275d85eb3b61bce127f331efb4fa417f06c4c7ef2170984191e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 18c03e14-91e7-4344-bf6e-67ea0f26cc34
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a269d5ac8000096feee0e4000000001
server: cloudflare
x-trace: 2B687E4B55C5286FA1292E52287FE6356972828442000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q0uN4ccTqqjSCOCWxbktoGCl1dhzmpx%2BbeNju6BiPSfpy5tI3PjF63acLmEJPg1sMJGRFjotIZG%2FRSg4U18f1o%2Bz%2BxeJDOgRwDQvw9zdBeUbFnobU8AXy6F7tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.xcentricmold.com
access-control-allow-credentials: false
cf-ray: 651dfe71386296fe-FRA
access-control-allow-headers: *

GET
H2 200 p Show response
i.simpli.fi/ 744 B
2 KB 84ms
27ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=230868&cb=sifi_att_826._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3f2d61e0-c13e-0137-5c6b-06659b33d47c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

2e2ac7d89f1c7209c165c2b082ff21e69ae4e572c85bcbaf5032d2475d0cb7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
396 B 35ms
35ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=5260542&rcu=https%3A%2F%2Fmy.xcentricmold.com%2F&pu=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8%23%2F&t=Get+a+Quote+%7C+Xcentric+Mold+%26+Engineering&cts=1621434319510&vi=783b322397ae3327947ee5921bc8fe3f&nc=true&u=84242054.783b322397ae3327947ee5921bc8fe3f.1621434319505.1621434319505.1621434319505.1&b=84242054.1.1621434319505&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bf41c1d6-a197-44e7-ad8a-b149ef755255
cf-ray: 651dfe70fef20614-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a269d5a99000006145cb53000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5gbNyK5hTuF8IHbiksnXXnCWKJC4o8kAl5CvAuN5LCRlAl9oKJ0DFuWqem%2BrRmY%2BI1fIbN0SAd1XliTifB3pSmgOCMUVqRyyHZ%2ByL9fjEmGFOgdBnrN5alxCUw5TUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 20ms
6ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote.php?utm_source=hs_email&utm_medium=email&utm_content=127987300&_hsmi=127987300&_hsenc=p2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RbvMQlISgmBBsnMKx1p.bqgidE6ZF3W8
Content-Encoding: gzip
ETag: "4748055dbdd5649bb8f3f2a9b89f85b1"
x-amz-request-id: 0TYC7TY00BPM4X39
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12978
x-amz-id-2: xC3iFrWUEgHG0SuvuCH6nQBOaU1a4splR14HQ6mRp3SvQuveQvqOiaFUYYgTfWzs3RoZtaGAtsk=
Last-Modified: Wed, 14 Apr 2021 13:35:10 GMT
Server: AmazonS3
Date: Wed, 19 May 2021 14:25:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVGJFLP3UFFGVOCJHA63RP/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Wed, 19 May 2021 14:25:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 19 May 2021 14:25:19 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/ 0
773 B 20ms
6ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Kb5R6eO5Q2TssvBS7tmHeWvbLHNPY.NZ
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: PWAXHMCWGN1X8F9P
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: 1SNFTgqd5suS446iMuB330UKJxsbXB/IirHDdjKK6S1mRFv2/wt+8X6poXLcKnmlPZ3bUf2DMGM=
Last-Modified: Wed, 19 May 2021 06:50:37 GMT
Server: AmazonS3
Date: Wed, 19 May 2021 14:25:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/HVGJFLP3UFFGVOCJHA63RP?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2
https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2

394 B
862 B

47ms
44ms

Script
application/javascript

54.220.59.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.59.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-59-51.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9a211dc743c4b96e0a9aa983afac1cee4c29966f5a50586b26d023f1893d8ec4

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 394
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=26a198ff24d4f5e2eebd4741b2eb725b&_b=2
date: Wed, 19 May 2021 14:25:19 GMT
server: nginx/1.18.0
content-length: 105

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=938B2477F90E40AC91DA123EF9A5995B

43 B
183 B

292ms
94ms

Image
image/gif

2600:1f18:612b:4264:262e:5ecd:5178:9f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=938B2477F90E40AC91DA123EF9A5995B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:262e:5ecd:5178:9f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=938B2477F90E40AC91DA123EF9A5995B
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B

95 B
427 B

35ms
34ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=938B2477F90E40AC91DA123EF9A5995B
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=938B2477F90E40AC91DA123EF9A5995B
https://d.agkn.com/pixel/10751/?che=1621434319&ip=212.102.36.146&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164920503791000625538
https://um.simpli.fi/aa_px?sk=164920503791000625538

43 B
409 B

24ms
24ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164920503791000625538

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 18 May 2021 14:25:19 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164920503791000625538
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 88ms
24ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=938B2477F90E40AC91DA123EF9A5995B

0
0

80ms
21ms

Image
text/html

143.204.202.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=938B2477F90E40AC91DA123EF9A5995B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-107.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=938B2477F90E40AC91DA123EF9A5995B
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 88ms
25ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 27ms
23ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=938B2477F90E40AC91DA123EF9A5995B;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=938B2477F90E40AC91DA123EF9A5995B;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8322311711458348006

0
0

24ms
24ms

Image
text/html

143.204.202.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8322311711458348006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-107.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8322311711458348006
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=938B2477F90E40AC91DA123EF9A5995B&j=0

0
324 B

69ms
21ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=938B2477F90E40AC91DA123EF9A5995B&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=938B2477F90E40AC91DA123EF9A5995B&j=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 28ms
24ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=938B2477F90E40AC91DA123EF9A5995B

0
421 B

478ms
115ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=938B2477F90E40AC91DA123EF9A5995B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 19 May 2021 14:25:20 GMT

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=938B2477F90E40AC91DA123EF9A5995B
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=938B2477F90E40AC91DA123EF9A5995B

62 B
745 B

219ms
169ms

Image
image/gif

23.79.143.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=938B2477F90E40AC91DA123EF9A5995B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:19 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 35bd
Content-Type: image/gif

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=938B2477F90E40AC91DA123EF9A5995B
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

200

tpid=938B2477F90E40AC91DA123EF9A5995B
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B

49 B
714 B

52ms
51ms

Image
image/gif

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.34
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=938B2477F90E40AC91DA123EF9A5995B
cache-control: no-cache
x-server: 10.45.7.250
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B
https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B&dnr=1

0
433 B

33ms
32ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=938B2477F90E40AC91DA123EF9A5995B&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=938B2477F90E40AC91DA123EF9A5995B

0
66 B

102ms
34ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=938B2477F90E40AC91DA123EF9A5995B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=938B2477F90E40AC91DA123EF9A5995B
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1621434319565&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
108 B

23ms
22ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zx-lYIK0JcPG7_UP6PW54Ag&random=810366579&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1467812715&cv=7&fst=1621434319565&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zx-lYIK0JcPG7_UP6PW54Ag&random=810366579&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B&__user_check__=1&sync_id=0a187af9-b8ae-11eb-928d-152b84bd0306

43 B
548 B

34ms
34ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B&__user_check__=1&sync_id=0a187af9-b8ae-11eb-928d-152b84bd0306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:19 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 19 May 2021 14:25:19 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=938B2477F90E40AC91DA123EF9A5995B&__user_check__=1&sync_id=0a187af9-b8ae-11eb-928d-152b84bd0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 80
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=938B2477F90E40AC91DA123EF9A5995B
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D938B2477F90E40AC91DA123EF9A5995B

43 B
1 KB

32ms
31ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D938B2477F90E40AC91DA123EF9A5995B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
X-Proxy-Origin: 212.102.36.146; 212.102.36.146; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid: 3d651f4e-36ae-43d1-9323-f87a4654920e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
X-Proxy-Origin: 212.102.36.146; 212.102.36.146; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.210:80
AN-X-Request-Uuid: c4055f60-e4ad-4e66-a02b-510c7466c61b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D938B2477F90E40AC91DA123EF9A5995B
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=938B2477F90E40AC91DA123EF9A5995B&expires=365

42 B
775 B

116ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=938B2477F90E40AC91DA123EF9A5995B&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=938B2477F90E40AC91DA123EF9A5995B&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 18 May 2021 14:25:19 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=938B2477F90E40AC91DA123EF9A5995B
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=938B2477F90E40AC91DA123EF9A5995B

43 B
180 B

29ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=938B2477F90E40AC91DA123EF9A5995B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=938B2477F90E40AC91DA123EF9A5995B
date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEEQ8KM-EQCfhFHhxEpyGxko&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=938B2477F90E40AC91DA123EF9A5995B
https://um.simpli.fi/g_match?id=

0
320 B

26ms
24ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 18 May 2021 14:25:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1052707430

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9754e5b876ee518404e8517f2953684f538bcfdaa12c9d4ac58ea84a1ebac22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34315
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1052707430&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2746449-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

224e92bae843e2eadb23f44a693db2e034d9aaed4369b607720c9982e6d09cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34342
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 14:25:19 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 14:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46714
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 48ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1052707430

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 7512236244504453440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 May 2021 14:25:19 GMT

GET
H/1.1

200
OK

UMRHNEJ4K5BGJHIYYMDOFH.js Show response
s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/
Redirect Chain

https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%...
https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js

3 KB
2 KB

6ms
6ms

Script
text/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92561972af3ce2657fd6cdf205fa3b09f2441983aab63ef57cb7370252dd82b

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BjC.7UCpkTh0dev.mcfqtw8LcgG6IKwJ
Content-Encoding: gzip
ETag: "81e968bbffbea97c43fb67cf5b9303e1"
x-amz-request-id: 6DY5DC29J1PQESYN
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1200
x-amz-id-2: WJAgtBVFUc1N5ySPsF/wIbB6jyeSdwmTPdMKFSyL2uLkOR2d+GrvLLp2HLxsj8hiirnSlMO/MQI=
Last-Modified: Tue, 16 Feb 2021 23:05:57 GMT
Server: AmazonS3
Date: Wed, 19 May 2021 14:25:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Wed, 19 May 2021 14:25:19 GMT
x-segment-eid: UMRHNEJ4K5BGJHIYYMDOFH
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: SETETOF5DRFLHBDVXCRJPC
x-segment-name: *
x-advertisable-eid: HVGJFLP3UFFGVOCJHA63RP
content-length: 0
x-conversion-currency

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/ 3 KB
1 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/?random=1621434319805&cv=9&fst=1621434319805&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eae21a14dfac1f179fddfc60e695c0fe09a0262609c56880a1f28f9795add425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1052707430/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052707430/?random=1621434319805&cv=9&fst=1621432800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&async=1&fmt=3&is_vtc=1&random=4208217826&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1052707430/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052707430/?random=1621434319805&cv=9&fst=1621432800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&async=1&fmt=3&is_vtc=1&random=4208217826&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&pv=12924806026.224588&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: lbEg/tljaBHmcxV28W7y/+rB9sC01S4dlojRpmvs/+hi1RXM/GHUQiTCuWpiWYQwLXrhJGtrtu66Gh3Vlxaasw==
x-fb-trip-id: 2074150462
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 19 May 2021 14:25:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 7ms
6ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127987300%26_hsmi%3D127987300%26_hsenc%3Dp2ANqtz-9WdAkgjbH7OzoyiZUNLeVqFZZkG5bX4BxLc5Gpnm0Klf1sn-wvjSbHsj6ozVVoX6PWLDEJlZmZFuqm0CiFxWYeu9JNw6K_9wlwmp9Z33B1C0FqCY8&xid_ch=f&pv=12924806026.224588&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tQK.8O6BVoMHCwgMVNcErQ7MnVG8WEaE
Content-Encoding: gzip
ETag: "5c44da3d0ddeac28ae4c1facdfbfa217"
x-amz-request-id: 984153BGSYVA52D6
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2719
x-amz-id-2: 2v/J9n8eakMgyTGht/4eZljxSF44ohr4jyA2pTi5ypI49y0megy0kx4OO7Ehkthgx2cQGYz54jE=
Last-Modified: Wed, 19 May 2021 13:59:44 GMT
Server: AmazonS3
Date: Wed, 19 May 2021 14:25:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
446 B

22ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ

43 B
345 B

23ms
23ms

Image
image/gif

18.195.54.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.54.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://ib.adnxs.com/setuid?entity=172&code=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ

43 B
1 KB

25ms
24ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 14:25:19 GMT
X-Proxy-Origin: 212.102.36.146; 212.102.36.146; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.58:80
AN-X-Request-Uuid: cb6a163b-1b67-49f4-b5bc-185ce0f64ec3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=ZTkzMjM1NzcyZTZkZjg5NjUyMTA4MWI2MGJhMDViYzQ
pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

451

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://idsync.rlcdn.com/377928.gif?partner_uid=e93235772e6df896521081b60ba05bc4

0
42 B

33ms
33ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=e93235772e6df896521081b60ba05bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/377928.gif?partner_uid=e93235772e6df896521081b60ba05bc4
pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 86
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e93235772e6df896521081b60ba05bc4

43 B
106 B

28ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=e93235772e6df896521081b60ba05bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=e93235772e6df896521081b60ba05bc4
pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 87
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=7397f99a5e9c4c8290b25f57686804d8-1621434319778&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote.php%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_conte...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=6TI1dy5t-JZSEIG2C6BbxA
https://d.adroll.com/cm/g/in

42 B
536 B

45ms
45ms

Image
image/gif

54.220.59.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.59.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-59-51.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://my.xcentricmold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 14:25:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xcentricmold.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.xcentricmold.com/	1970-01-20 03:45:30	Name: hubspotutk Value: 783b322397ae3327947ee5921bc8fe3f
.xcentricmold.com/	1970-01-19 18:23:56	Name: __hssc Value: 84242054.1.1621434319505
.xcentricmold.com/	1970-01-20 03:45:30	Name: __hstc Value: 84242054.783b322397ae3327947ee5921bc8fe3f.1621434319505.1621434319505.1621434319505.1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.xcentricmold.com/e2t/sc2/MmZ-8yj-0sbW5fVf2m8PGtLPW98s-d55wksh_V65_4L8t3ZXpdBzP8W04(Line 13) Message: toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10117150.fls.doubleclick.net
aa.agkn.com
ads.yahoo.com
adservice.google.com
api.hubapi.com
api.hubspot.com
assets.adobedtm.com
bat.bing.com
bcp.crwdcntrl.net
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d.agkn.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
info.xcentricmold.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
loadm.exelator.com
my.xcentricmold.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.hotjar.com
simplifi.partners.tremorhub.com
snap.licdn.com
stackpath.bootstrapcdn.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
track.gaconnector.com
track.hubspot.com
twin-iq.kickfire.com
um.simpli.fi
us-u.openx.net
use.fontawesome.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.rumiview.com
www.xcentricmold.com
x.bidswitch.net
yjriln3iwl.execute-api.us-east-1.amazonaws.com
108.174.10.14
13.224.95.14
13.224.95.46
13.224.95.74
13.224.95.81
142.250.185.130
143.204.202.107
169.50.137.176
169.50.137.179
169.50.137.190
172.217.16.134
172.217.23.98
18.195.172.136
18.195.54.133
18.198.69.109
185.94.180.125
199.185.0.231
199.232.137.44
199.60.103.228
2001:4de0:ac18::1:a:2b
209.128.119.223
216.52.2.39
23.111.9.35
23.79.143.202
2600:1901:0:8eee::
2600:1f18:612b:4264:262e:5ecd:5178:9f8
2606:4700:10::6816:21b5
2606:4700::6810:135e
2606:4700::6811:44b0
2606:4700::6811:71b0
2606:4700::6811:cbcc
2606:4700::6811:d5cc
2606:4700::6811:efcc
2606:4700::6812:14bf
2606:4700::6812:acf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9a
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2b8::1e80
2a02:26f0:6c00::210:baab
2a03:2880:f045:10:face:b00c:0:3
2a04:4e42:1b::621
34.197.34.29
34.205.51.230
34.98.64.218
35.227.248.159
35.244.174.68
37.252.172.38
52.48.137.92
52.56.111.113
54.220.59.51
69.16.192.79
69.173.144.138
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c105bd80cead6e558f7767a26457c0a031384fa4348787c7611e6004cab7fd0
0dfaf3831bf0dc1d82ceb28545afb555ee1fcc71ce40ca70e54aa3d960cbd4d6
11ba9ed4c5e901324ceeca0ebc8d4cd4f074159c97c1055eeb5c8213dbaad7c4
1216c4816813f463350121f60b0f0d273ac5348cc9c7f0bb328749dc837fb954
13d40fd2c71c7a45298b0dbb1afdb0c0143de83f6619625eb22950f500627764
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
1b895a080d3275d85eb3b61bce127f331efb4fa417f06c4c7ef2170984191e9b
224e92bae843e2eadb23f44a693db2e034d9aaed4369b607720c9982e6d09cf1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e2ac7d89f1c7209c165c2b082ff21e69ae4e572c85bcbaf5032d2475d0cb7de
2ead3485b4907f1f177c0f9f0dcce861401b01b0c31a590ee4de645fdba10f06
2eb0576b8242d1af9c686479e912f199022b4eb97440bb7e557725d864fb437f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3122ef66ff9e6b4de9cfaeb484881af52bded234f8bed33643f515e68f33ceff
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
325fe3b5a9d659efe33a7c3b6efd4a361bf4823895d49f81bf9aaa893f6b35a7
34da68f0c68e9bb39a158890b2e5d92609c644244318a0a3b3210884608ff0cf
386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036
3b196417f94a41b0fe7ee471c3f47549da9fbb778b2eec25b435f14e49716b58
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4fbf1bfa27a5eb1421fd91b08d3c7e7fa1854582d3fdb1b9ca57bd0290f79e18
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
5310396b2c75064cc2d201930de5e4553f8ecee6b12dd5f588e58a905989b304
539e15791a15a8fc597095354306dc229c1fd1b0270f3135a674b3e1f3421805
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0c4a81ee2f3e6a0266117fa56ac989ed6ac71a824ec2a3a2fe78509ba039b
5789c10147e1c2f98d13a90e691b49540e94f3ab314594beeeddbb51f17cc8d0
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5aa5664e8f4b3930099bde87b1dfa0a122f12cc98ca2b541b315f03e48f90c21
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5b9a7539ab9fb15ff60587736783a44002eba0ac372129f8190582ec2182d1f1
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
662c1691cb14259f9025be818b1e243b3f9ad3631c0973b727b6807915b55a71
6814f277da0aadf11f156f72dd16e194c30ce034e3c5ee85e2303bd4314750a7
70b6c4af67b324cebae064a53a2e662ee4168295bc8c3c91036598d7bd6c7e80
7944400c467fbe25387f66c69e72ebcd43998f9248aa1463ad9f2e3b1b01956c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b2305414c9bf43fa92261bef6e29c905907a74dac72bd4db0bc7c0564c2a1cf
7bb4ff40618ead503819d1161658ec1da99167cd0d4dbb9584bd2236f240129c
818fb9da7d59e3f1710553cd401a617e0a44a3d65653a5532965c249898f7460
81bdae18fbd87f036bf0eb41b79eb8c29ed940b557f2bc27a8923ca3bcf7a850
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88e30c6482762921accebf555b8468cefb43a545e3365981ea6a53cc9a95dc72
9754e5b876ee518404e8517f2953684f538bcfdaa12c9d4ac58ea84a1ebac22c
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee
9a211dc743c4b96e0a9aa983afac1cee4c29966f5a50586b26d023f1893d8ec4
9d271330d5211ccc08eaa45a14eecf7639b11adef90127e3807c3357ba764467
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14de730c9ef0042af2d62f509232c21d50c26f3f15b37c13245775c8b66fddf
a2839b46c20c66edda55dd2a9afdaba6116e89e82ff3ba4f063eff1718bd251c
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
ace514a772b5329fd47921d1b51dc15e135ddb0e875ec23e5e6e4353074fa8a8
adf240027035099f32767a6099eb4c9b5de0e0a91befdec3ec0a7b4e463d1c5c
b4013879faa4198826074d21f09ff1c414a1646d4281ef7a71d9581cc13e5545
b4236ee2bb45d537519d85737b4ae332cf8182a36686144e110ef6d18b702659
b632b5f4d8ed2f2cc98c3b520e3de4fd34c3077dd7299192c573267ec319acfa
bb69546ce0ce193c0ace2243e3527d1cecab8bd81932f194f66625ffb9c951bb
bd1d14a92a8831b1f6e34a51690dae7fe6ffb875701a19a5d4f979409b672690
c0ad438be933312363a10b5de50018c8f1a398b833857c217b00eeac9f562cd2
c5da64f1d0c705b7da038b311e984e6c81b35a48836e7034d97a15d3a48ef6a3
cd36a140799c0addac5cb2b2787a416d0af8769790b0be7d303898c4416fd800
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d56578760cd77e5a75b0b96fa67d3ff7fae09959c2e44adf892f0d6eaf23ce95
d630bbe7973e178d37c77da1a8252d1599867b390fc2b9d4dab35ea93e48c61e
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d92561972af3ce2657fd6cdf205fa3b09f2441983aab63ef57cb7370252dd82b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd213e433d91bc86b980e1d2352e743144d3cd100e611100e7e0ce98c3453d89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e77b8f6ef1c7997655ae2f3fad1300d3fcf663d8a6fbb7eb28a78e4432fda540
eae21a14dfac1f179fddfc60e695c0fe09a0262609c56880a1f28f9795add425
ed6ec57ad1150f2db996101a4d46881cf80edbde731683fff1824aff5e26a618
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7ce5504d79b0b75e6b0966df89777730d09839d1795c2a9f40240f7d64459af

my.xcentricmold.com Open in urlscan Pro 2606:4700:10::6816:21b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

100 %HTTPS

47 %IPv6

50 Domains

65 Subdomains

58 IPs

6 Countries

2092 kBTransfer

6849 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

my.xcentricmold.com Open in urlscan Pro
2606:4700:10::6816:21b5 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

100 %
HTTPS

47 %
IPv6

50
Domains

65
Subdomains

58
IPs

6
Countries

2092 kB
Transfer

6849 kB
Size

4
Cookies

122 HTTP transactions
0 data transactions