urlscan.io logo urlscan.io
SecurityTrails logo

mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com Open in urlscan Pro
66.231.91.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.em.farmersgroupselect.com/?qs=ca3bda0b0d59a4e75f1b53bafaee37e483eb0644022c1b3e30e302a137ecb826811684dacdbdf4d0a983ddcc48e5...
Effective URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84....
Submission: On February 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 52 HTTP transactions. The main IP is 66.231.91.26, located in United States and belongs to SALESFORCE, US. The main domain is mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2023. Valid for: a year.
This is the only time mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.111.210.234 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.em.farmersgroupselect.com
click.em.farmersgroupselect.com
1    66.231.91.36 (United States)

ASN14340 (SALESFORCE, US)
pub.s1.exacttarget.com
2    66.231.91.26 (United States)

ASN14340 (SALESFORCE, US)
mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
2    104.126.37.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-144.deploy.static.akamaitechnologies.com
www.farmers.com
2    34.230.234.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-234-159.compute-1.amazonaws.com
10969108.collect.igodigital.com
nova.collect.igodigital.com
7    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-75.muc50.r.cloudfront.net
c.amazon-adsystem.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
4482121.fls.doubleclick.net
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
pt.ispot.tv
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 86
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
4482121.fls.doubleclick.net — Cisco Umbrella Rank: 173767
ad.doubleclick.net — Cisco Umbrella Rank: 154
12 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 100
1 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
587 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 6575
818 B
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 373
14 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 303
s.amazon-adsystem.com — Cisco Umbrella Rank: 325
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
69 KB
2 igodigital.com
10969108.collect.igodigital.com — Cisco Umbrella Rank: 360758
nova.collect.igodigital.com — Cisco Umbrella Rank: 6833
3 KB
2 farmers.com
www.farmers.com — Cisco Umbrella Rank: 131686
2 sfmc-content.com
mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 103
185 B
1 ispot.tv
pt.ispot.tv — Cisco Umbrella Rank: 2588
315 B
1 exacttarget.com
pub.s1.exacttarget.com
366 B
1 farmersgroupselect.com
click.em.farmersgroupselect.com
327 B
52 15
Domain Requested by
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 www.googletagmanager.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
www.googletagmanager.com
6 www.google.de mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
6 www.google.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
5 bat.bing.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
bat.bing.com
5 googleads.g.doubleclick.net www.googletagmanager.com
2 s.amazon-adsystem.com 1 redirects
2 4482121.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.farmers.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
2 mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
1 www.facebook.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
1 ad.doubleclick.net 4482121.fls.doubleclick.net
1 adservice.google.com 4482121.fls.doubleclick.net
1 pt.ispot.tv mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
1 c.amazon-adsystem.com www.googletagmanager.com
1 nova.collect.igodigital.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
1 stats.g.doubleclick.net www.google-analytics.com
1 10969108.collect.igodigital.com mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
1 pub.s1.exacttarget.com 1 redirects
1 click.em.farmersgroupselect.com 1 redirects
52 21

This site contains no links.

Subject Issuer Validity Valid
*.pub.sfmc-content.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-01 -
2024-05-01		 a year crt.sh
www.farmers.com
DigiCert EV RSA CA G2		 2023-12-21 -
2024-12-20		 a year crt.sh
*.collect.igodigital.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-02 -
2024-03-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.ispot.tv
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Frame ID: B3969E0265D5EB920B46B464F199DBAC
Requests: 49 HTTP requests in this frame

Frame: https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1
Frame ID: A9ACF489B567F4F7C0C78A5E40B3F726
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.em.farmersgroupselect.com/?qs=ca3bda0b0d59a4e75f1b53bafaee37e483eb0644022c1b3e30e302a137ecb826811684da... HTTP 302
    https://pub.s1.exacttarget.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC... HTTP 301
    https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

52
Requests

98 %
HTTPS

50 %
IPv6

15
Domains

21
Subdomains

18
IPs

3
Countries

717 kB
Transfer

2276 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.em.farmersgroupselect.com/?qs=ca3bda0b0d59a4e75f1b53bafaee37e483eb0644022c1b3e30e302a137ecb826811684dacdbdf4d0a983ddcc48e56557465b1cf7597e2331 HTTP 302
    https://pub.s1.exacttarget.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158 HTTP 301
    https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://4482121.fls.doubleclick.net/activityi;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1 HTTP 302
  • https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1
Request Chain 23
  • https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307 HTTP 302
  • https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307&dcc=t

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ijislf0ocwc
mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/
Redirect Chain
  • https://click.em.farmersgroupselect.com/?qs=ca3bda0b0d59a4e75f1b53bafaee37e483eb0644022c1b3e30e302a137ecb826811684dacdbdf4d0a983ddcc48e56557465b1cf7597e2331
  • https://pub.s1.exacttarget.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
  • https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.231.91.26 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
Software
/
Resource Hash
8ca03587db4e3a5fc09c6eba330453d93be84480a6ff1b8ff619f5732226f3ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Length
3467
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Feb 2024 14:44:13 GMT
Expires
-1
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
close
Content-Length
304
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Feb 2024 14:44:12 GMT
Location
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Farmers_Logo.jpg
www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/Farmers_Logo.jpg
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
Save_button.png
www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/Save_button.png
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
collect.js
10969108.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10969108.collect.igodigital.com/collect.js
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.234.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-234-159.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 12:01:57 GMT
vary
Accept-Encoding
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		426 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9877923ab9f55cefb42601cb31100dac3581b5ee47743894af12e98c6fcf198a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112038
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:13 GMT
_t
mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc/_t?eventType=CLOUDPAGESVISIT
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.231.91.26 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
Software
/
Resource Hash
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 14:44:13 GMT
Cache-Control
private
Connection
close
Content-Length
35
Content-Type
text/html
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Feb 2024 13:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 23 Feb 2024 15:48:09 GMT
collect
www.google-analytics.com/j/ 		3 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1669267791&t=pageview&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1769516955&gjid=898460962&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&_slc=1&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=828040325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42992352-1&cid=582782252.1708699454&jid=1769516955&gjid=898460962&_gid=1775257782.1708699454&_u=YGBAiEABBAAAAGAAI~&z=1524403724
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Feb 2024 14:44:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42992352-1&cid=582782252.1708699454&jid=1769516955&_u=YGBAiEABBAAAAGAAI~&z=309746682
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42992352-1&cid=582782252.1708699454&jid=1769516955&_u=YGBAiEABBAAAAGAAI~&z=309746682
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_page_view
nova.collect.igodigital.com/c2/10969108/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10969108/track_page_view?payload=%7B%22title%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158%22%2C%22referrer%22%3A%22%22%7D
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.234.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-234-159.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

x-runtime
0.001590
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
7b06f10c-cbf1-4682-997f-7174ba75ed60
gtm.js
www.googletagmanager.com/ 		409 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1d0b940ec1a1905fa3f7223f2a5b5d24bbbcf01773de6e985e766e9d1675b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108390
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/842971997/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842971997/?random=1708699454195&cv=11&fst=1708699454195&bg=ffffff&guid=ON&async=1&gtm=45He42l0v6305878za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1423068553.1708699454&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fcde577ec54e5e278ed23e3b81a8376382f1671f519f747378e108495feec8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 23 Feb 2024 14:44:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
KEFGB1BekxCMMxD9f4LXqggK9rZnY/MVOlS9A+6tNGNvRUBzelvorEUaXnqC4Of+GCDxMGPtm2KFJCRnYZigPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
amzn.js
c.amazon-adsystem.com/aat/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aat/amzn.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cb35082d6a802080d0ea55089bad34f3d5036578e97e492d9f3f90c6efb2bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

x-amz-version-id
myKIKSHhuxUOe6Ir_Cr9kO4xtQA.QTNp
content-encoding
gzip
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront), 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
date
Thu, 22 Feb 2024 17:46:17 GMT
last-modified
Mon, 19 Feb 2024 17:40:50 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2, MUC50-P2
x-amz-server-side-encryption
AES256
etag
W/"44af3ccb30636a57bb1b7a9c1abd75ef"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
kGqgcqqWdJil4Dz7kpG-v1wJ2gJVVZnl1fopScuqNtHR56vJ0BURGA==
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 23 Feb 2024 14:44:14 GMT
last-modified
Thu, 22 Feb 2024 21:00:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3623F3D069C349E2BB8B69378C8AEFEF Ref B: FRA31EDGE0213 Ref C: 2024-02-23T14:44:14Z
etag
"0adee36d265da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13197
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10987180
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
323505ced2f3fd8ae88ca951e384368fb2d0bcee3be77b49cf7a0b8c435a0509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70061
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1
4482121.fls.doubleclick.net/ Frame A9AC
Redirect Chain
  • https://4482121.fls.doubleclick.net/activityi;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1?
  • https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZTCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
f04d7a7e499c3246c3694eb6ba17deebdf047d80e9364991b39380647ee5c2a2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
854
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Feb 2024 14:44:14 GMT
expires
Fri, 23 Feb 2024 14:44:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Feb 2024 14:44:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
TC-4257-2.gif
pt.ispot.tv/v2/ 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.ispot.tv/v2/TC-4257-2.gif?app=web&type=visit
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
43
expires
0
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-684072587&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e8972ebf7e61e92e53fff03e3a02d4048e2856b384ffa9931f6a37fc94bb1aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77792
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-753446219&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
453ef39dccc8cd13b1be9350724a619d25f7c419305c5cb5348c48531f1460cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76612
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-753465663&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d41e67f745d407ac1cfa49b4996bdc157fc6a7fb9ec7de2423741975d4d28fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78099
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-870787566&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ8XW6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b2d36e4bfe1582272b5400d98b44f9d62786127e63939da46f4d5199201337b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77504
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Feb 2024 14:44:14 GMT
iu3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307
  • https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307&dcc=t
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307&dcc=t
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 23 Feb 2024 14:44:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4EKPRRYP7XB4WW118E0J
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?pid=304e88ae-c43e-4715-a84d-61b51c4caed9&event=PageView&gtmVersion=3.3&ts=1708699454307&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/842971997/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/842971997/?random=1708699454195&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45He42l0v6305878za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xp6LQW7pCCrr3LK69IbMfMtafNe-cw&random=3099899556&rmt_tld=0&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/842971997/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/842971997/?random=1708699454195&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45He42l0v6305878za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xp6LQW7pCCrr3LK69IbMfMtafNe-cw&random=3099899556&rmt_tld=1&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
583975030273065
connect.facebook.net/signals/config/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/583975030273065?v=2.9.147&r=stable&domain=mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1769166f71178c3022e46ba0d152b559bb0dcb861d31d57b36d0521eaeabaa13
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 23 Feb 2024 14:44:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
1uSPFlTzGpoZ+UIqmaVI0UhBy2OSFZgMSwVzNLKjFMjVCoQz5uzN3p90gq2hKXaH5P9j7HNJErAmqe9NeruhUg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
135000010.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/135000010.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 23 Feb 2024 14:44:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42917AD587164A3AB487D70088D00F7D Ref B: FRA31EDGE0213 Ref C: 2024-02-23T14:44:14Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=135000010&Ver=2&mid=cb08f589-e31d-402b-a1ad-66729fa6e253&sid=038ccac0d25a11eeab5fafe97f67f431&vid=038d0570d25a11ee8fd2bb1dd21ca2f7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&r=&lt=3049&evt=pageLoad&sv=1&rn=806773
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 23 Feb 2024 14:44:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 65801ACE4FDB47519243DAA09563F0C1 Ref B: FRA31EDGE0213 Ref C: 2024-02-23T14:44:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
5714859.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5714859.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 23 Feb 2024 14:44:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C9B6BDAAF0449D096F93C6306EB9896 Ref B: FRA31EDGE0213 Ref C: 2024-02-23T14:44:14Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5714859&Ver=2&mid=fa8bd9bf-e81c-46f4-a9b7-c9204baf818d&sid=038ccac0d25a11eeab5fafe97f67f431&vid=038d0570d25a11ee8fd2bb1dd21ca2f7&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&r=&lt=3049&evt=pageLoad&sv=1&rn=759576
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 23 Feb 2024 14:44:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAA1AF383B3E4B9EBDDC274DA5300D8F Ref B: FRA31EDGE0213 Ref C: 2024-02-23T14:44:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/753465663/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753465663/?random=1708699454371&cv=11&fst=1708699454371&bg=ffffff&guid=ON&async=1&gtm=45be42l0v9162021293za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1423068553.1708699454&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753465663&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21140aa4b147756bc0e37cd41246a051930a773977f049bf5ba33d5be5fb4abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/870787566/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870787566/?random=1708699454387&cv=11&fst=1708699454387&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1423068553.1708699454&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-870787566&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2616d84d8dabedb6a1e70485d72738ba7b3c874cd213ae3e72fbf8ef131b6b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1408
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/753446219/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753446219/?random=1708699454398&cv=11&fst=1708699454398&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1423068553.1708699454&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753446219&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d30d1db0efc7d0bd4795321decfb33dc2a3a4790969f3fa77dcde387c5646198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1403
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/684072587/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684072587/?random=1708699454410&cv=11&fst=1708699454410&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1423068553.1708699454&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-684072587&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbbfbc38a2963cd379b300fd8a2301a0663c3ae95c389a5e7391ab7016090ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1406
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1
adservice.google.com/ddm/fls/z/ Frame A9AC 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1
Requested by
Host: 4482121.fls.doubleclick.net
URL: https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4482121.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDQ0ODIxMjEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NmbWMtY29udGVudC5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVn...
ad.doubleclick.net/ddm/activity/ Frame A9AC 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDQ0ODIxMjEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NmbWMtY29udGVudC5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogMzY5MTEzNjQzMzgzMDU3NDA3MgpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjg5MDIwOQogIH0KfQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9DT05WRVJTSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0yMyIKICB9Cn0KYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDU3MDQyNTM0NApnY2xpZDogIiIKdHJpZ2dlcl9kZWR1cGxpY2F0aW9uX2tleTogMTM4NDY3NTU4NTk4MDM5MTQwOTUK
Requested by
Host: 4482121.fls.doubleclick.net
URL: https://4482121.fls.doubleclick.net/activityi;dc_pre=CNO1g8DZwYQDFaFgHgIdUIMLEA;src=4482121;type=segme0;cat=segme0;match_id=undefined;u3=[url];u11=[kasyap1];u12=[kasyap2];u13=[kasyap3];u14=[kasyap4];u15=[kasyap5];ord=1?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4482121.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"13846755859803914095"}],"aggregatable_trigger_data":[{"filters":{"14":["12890209"]},"key_piece":"0xac5b62b47b0d2567","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x3abadf87809b90e9","not_filters":{"14":["12890209"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["12890209"]},"key_piece":"0xd7c38f34cbc95eb0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x10a5dbe0f8a76412","not_filters":{"14":["12890209"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"3691136433830574072","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13846755859803914095","filters":{"14":["12890209"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"13846755859803914095","filters":{"14":["12890209"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"13846755859803914095","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"13846755859803914095","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["4482121"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=583975030273065&ev=PageView&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com&rl=&if=false&ts=1708699454467&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1708699454466.657993693&pm=1&hrl=374237&ler=empty&cdl=API_unavailable&it=1708699454341&coo=false&tm=1&cs_cc=1&exp=e1&rqm=GET
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 23 Feb 2024 14:44:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/753465663/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/753465663/?random=1708699454371&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0v9162021293za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf__hCzLUDvX06bPZxKUQNS9U01jkS4kVJ24NuGf2EQpBMI_rsP&random=1217985614&rmt_tld=0&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/753465663/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/753465663/?random=1708699454371&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0v9162021293za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf__hCzLUDvX06bPZxKUQNS9U01jkS4kVJ24NuGf2EQpBMI_rsP&random=1217985614&rmt_tld=1&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/753446219/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/753446219/?random=1708699454398&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_1ZQ4p2ZefwV24aJqwUqX7K42wx5O2B8cpnSMSxavpGeKDbJw&random=1209931111&rmt_tld=0&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/753446219/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/753446219/?random=1708699454398&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_1ZQ4p2ZefwV24aJqwUqX7K42wx5O2B8cpnSMSxavpGeKDbJw&random=1209931111&rmt_tld=1&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/870787566/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/870787566/?random=1708699454387&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_I77jqTWitbgxpeqh7Oq835WCLKb9CpjnRJsJtNNghEB3RPGB&random=3779338556&rmt_tld=0&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/870787566/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/870787566/?random=1708699454387&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_I77jqTWitbgxpeqh7Oq835WCLKb9CpjnRJsJtNNghEB3RPGB&random=3779338556&rmt_tld=1&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/684072587/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/684072587/?random=1708699454410&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_OJtija9YQHgDodT54cL39KqBerID7pULqYfN3W4mJONsja1U&random=806723592&rmt_tld=0&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/684072587/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/684072587/?random=1708699454410&cv=11&fst=1708696800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_OJtija9YQHgDodT54cL39KqBerID7pULqYfN3W4mJONsja1U&random=806723592&rmt_tld=1&ipr=y
Requested by
Host: mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2024 14:44:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1669267791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Identifier&ea=GA%20Visitor%20ID&_u=aHDAiEABBAAAAGAAI~&jid=&gjid=&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd5=582782252.1708699454&z=1863981687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1669267791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=F.com&ea=Scrolled&el=25%25&_u=aHDAiEABBAAAAGAAI~&jid=&gjid=&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=752209722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1669267791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=F.com&ea=Scrolled&el=50%25&_u=aHDAiEABBAAAAGAAI~&jid=&gjid=&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=763171399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1669267791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=F.com&ea=Scrolled&el=75%25&_u=aHDAiEABBAAAAGAAI~&jid=&gjid=&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1523094221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1669267791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158&dp=%2Frizd1tz4023%2Fijislf0ocwc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=F.com&ea=Scrolled&el=100%25&_u=aHDAiEABBAAAAGAAI~&jid=&gjid=&cid=582782252.1708699454&tid=UA-42992352-1&_gid=1775257782.1708699454&gtm=45He42l0n71WJ8XW6v6194669za200&cd43=%3FEmailAddress%3DREDACTED%26EmailName%3DREDACTED%26JobId%3D1121158&cd82=0.1521242048134217_1708699453898&cd101=null&cd102=null&cd103=null&cd104=null&cd105=null&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=240581832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| TogglePreference function| ToggleAllPreference object| checkArray object| prefArray object| loadArray function| DTMFunction object| google_tag_manager object| google_tag_data object| _uxa string| GoogleAnalyticsObject function| ga function| dlPush object| els object| gaplugins object| gaGlobal object| gaData object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| GooglebQhCsO function| fbq function| _fbq object| _fbq_gtm_ids function| amzn object| uetq object| uetqfws function| gtag function| renewToken function| updateToken function| deleteToken function| UET function| UET_init function| UET_push object| ueto_268b3eae54 object| ueto_4c2478a2b5

15 Cookies

Domain/Path Name / Value
.sfmc-content.com/ Name: _cs_mk
Value: 0.1521242048134217_1708699453898
.sfmc-content.com/ Name: _ga
Value: GA1.2.582782252.1708699454
.sfmc-content.com/ Name: _gid
Value: GA1.2.1775257782.1708699454
.sfmc-content.com/ Name: _dc_gtm_UA-42992352-1
Value: 1
.sfmc-content.com/ Name: _gcl_au
Value: 1.1.1423068553.1708699454
.ispot.tv/ Name: pt
Value: v2:13e4de9f745fe0e020748b6c1c5f37b7997f32de4d33193919185accbf85cd7f|c67a78818db5a9342a757eecf2002559ed7608a90bcef464bc9977dc41cb4972
.sfmc-content.com/ Name: _uetsid
Value: 038ccac0d25a11eeab5fafe97f67f431
.sfmc-content.com/ Name: _uetvid
Value: 038d0570d25a11ee8fd2bb1dd21ca2f7
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.sfmc-content.com/ Name: _fbp
Value: fb.1.1708699454466.657993693
.doubleclick.net/ Name: IDE
Value: AHWqTUk9OPuVSUXRoymiZTAZFD2E-2Q5AHfCLhQsZ5DB8gH-91px-gwUSKA63P2p
.bing.com/ Name: MUID
Value: 35BB309C967161173DB724B297FA6009
.doubleclick.net/ Name: ar_debug
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AzivhQ2MLkBfqf7ZNzuxWXc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

30 Console Messages

Source Level URL
Text
network error URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc/_t?eventType=CLOUDPAGESVISIT
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/Farmers_Logo.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.farmers.com/content/dam/farmers/marketing/digital/ccm_email_assets/Save_button.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nova.collect.igodigital.com/c2/10969108/track_page_view?payload=%7B%22title%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fmcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com%2Frizd1tz4023%2Fijislf0ocwc%3FEmailAddress%3DJimmy.Thigpen%408451.com%26EmailName%3DEMP_SC_PROGFORU_FS_EM1_84.51_20240220%26JobId%3D1121158%22%2C%22referrer%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/583975030273065?v=2.9.147&r=stable&domain=mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 85)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com/rizd1tz4023/ijislf0ocwc?EmailAddress=Jimmy.Thigpen@8451.com&EmailName=EMP_SC_PROGFORU_FS_EM1_84.51_20240220&JobId=1121158
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10969108.collect.igodigital.com
4482121.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
bat.bing.com
c.amazon-adsystem.com
click.em.farmersgroupselect.com
connect.facebook.net
googleads.g.doubleclick.net
mcw1lpytz5p9fm0cpjpfjr8q-r70.pub.sfmc-content.com
nova.collect.igodigital.com
pt.ispot.tv
pub.s1.exacttarget.com
s.amazon-adsystem.com
stats.g.doubleclick.net
www.facebook.com
www.farmers.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.126.37.144
108.138.32.75
13.111.210.234
142.250.185.102
142.250.186.70
151.101.2.132
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c1d::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.230.234.159
52.46.128.147
66.231.91.26
66.231.91.36
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0fcde577ec54e5e278ed23e3b81a8376382f1671f519f747378e108495feec8e
1769166f71178c3022e46ba0d152b559bb0dcb861d31d57b36d0521eaeabaa13
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21140aa4b147756bc0e37cd41246a051930a773977f049bf5ba33d5be5fb4abc
2616d84d8dabedb6a1e70485d72738ba7b3c874cd213ae3e72fbf8ef131b6b23
323505ced2f3fd8ae88ca951e384368fb2d0bcee3be77b49cf7a0b8c435a0509
3b2d36e4bfe1582272b5400d98b44f9d62786127e63939da46f4d5199201337b
3e8972ebf7e61e92e53fff03e3a02d4048e2856b384ffa9931f6a37fc94bb1aa
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
453ef39dccc8cd13b1be9350724a619d25f7c419305c5cb5348c48531f1460cb
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73
7cb35082d6a802080d0ea55089bad34f3d5036578e97e492d9f3f90c6efb2bfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ca03587db4e3a5fc09c6eba330453d93be84480a6ff1b8ff619f5732226f3ab
9877923ab9f55cefb42601cb31100dac3581b5ee47743894af12e98c6fcf198a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
b1d0b940ec1a1905fa3f7223f2a5b5d24bbbcf01773de6e985e766e9d1675b46
d30d1db0efc7d0bd4795321decfb33dc2a3a4790969f3fa77dcde387c5646198
d41e67f745d407ac1cfa49b4996bdc157fc6a7fb9ec7de2423741975d4d28fba
dbbfbc38a2963cd379b300fd8a2301a0663c3ae95c389a5e7391ab7016090ca9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d7a7e499c3246c3694eb6ba17deebdf047d80e9364991b39380647ee5c2a2