express-simple.com Open in urlscan Pro
2606:4700:20::681a:cd8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.hibid.com/u/click?_t=4827b48020284910967230e053dcd587&_m=a080350031014a6c9e4cbdf82f7ba727&_e=ji_J9...
Effective URL:
https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iter...
Submission: On January 30 via manual (January 30th 2023, 5:07:54 pm UTC) from FR — Scanned from FR

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2606:4700:20::681a:cd8, located in United States and belongs to CLOUDFLARENET, US. The main domain is express-simple.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time express-simple.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.3.41 104.18.3.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::681a:cd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.66.20 65.9.66.20	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
38	13

1 104.18.3.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.hibid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:cd8 (United States)

ASN13335 (CLOUDFLARENET, US)

express-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-20.fra56.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	21 KB
8	express-simple.com express-simple.com	344 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 436 p.typekit.net — Cisco Umbrella Rank: 598	73 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	257 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 361	55 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	146 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	348 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 64	17 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14540	40 KB
1	hibid.com 1 redirects link.hibid.com — Cisco Umbrella Rank: 430646	1 KB
38	12

	Domain	Requested by
8	express-simple.com	express-simple.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com express-simple.com
5	use.typekit.net	express-simple.com use.typekit.net
3	www.facebook.com	express-simple.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com express-simple.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	express-simple.com connect.facebook.net
2	maps.googleapis.com	express-simple.com maps.googleapis.com
2	www.googletagmanager.com	express-simple.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lh3.googleusercontent.com	express-simple.com
1	p.typekit.net	use.typekit.net
1	cdn.plaid.com	express-simple.com
1	link.hibid.com	1 redirects
38	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Frame ID: D0516788F97624B752A711A906223F0B
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Financing by Currency

Page URL History Show full URLs

https://link.hibid.com/u/click?_t=4827b48020284910967230e053dcd587&_m=a080350031014a6c9e4cbdf82... HTTP 303
https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsle... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

38
Requests

100 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

13
IPs

6
Countries

843 kB
Transfer

2654 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.hibid.com/u/click?_t=4827b48020284910967230e053dcd587&_m=a080350031014a6c9e4cbdf82f7ba727&_e=ji_J9qNttiw1M9UdOzur2qvIaKoxPNwHEnOzcgQ-rk2DLNUZum3-PcqNApDlhNlNRyC7HwtnYS0wpCT7PV-DijuKZLAQdCyd5X_5as_mNW21U4W07BlWSVUL9OYKNPAjxEy3xIAN92ilbpfxIGcl5Jm0bkzb__Plih2EEVIKHAt5S-SZRpuYNatMQBGBCVnoZ_rDaJNpqfyasnuQNK4kCOVN0F5DA6Rgwaiu1MupiCXBk81pfrAXU8Y2-xS-3zm5mjs2Ooh0-Jj7cen98F19gSDYtZM1jOEtYo2AHkkHFgJMvUGI_3tAR6xZq7xgnGg9W6ZHlN0ov9YDebU_LfeMcnsw4txGMKIQELGtQGZsESviaqnsJ0aZz1QExKFmCLtLucs_9cgI9OgVm0xTdfft3tcYEgk7u7w7myM-P0aX7R5eJyhNJxXDh9jvUTH5Pcsj HTTP 303
https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
express-simple.com/hibid/
Redirect Chain

https://link.hibid.com/u/click?_t=4827b48020284910967230e053dcd587&_m=a080350031014a6c9e4cbdf82f7ba727&_e=ji_J9qNttiw1M9UdOzur2qvIaKoxPNwHEnOzcgQ-rk2DLNUZum3-PcqNApDlhNlNRyC7HwtnYS0wpCT7PV-...
https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23

39 KB
10 KB

922ms
830ms

Document
text/html

2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f9c8df6af8d0a6e7d2bacf49fbe4b352dc87d0f81986c1464faef6c57ed0d07f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 791bce4e9d6dd6ca-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 17:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2haiCV0%2FVmX8KHd15NxF%2Bc%2BX26kZ7YaSJfkrU1FTx7Iel3hpzXMkvPT8DvHJUl2JCFke9zHh1t0%2BVmLF4eExeFTCxMzg26EClW5e6BNGtXmlRVhPUm9ERKt2%2BQ7BUJqySb7B%2FQUYn1q3Md9zRcIDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 791bce4bbef299e7-CDG
content-length: 0
content-security-policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
date: Mon, 30 Jan 2023 17:07:47 GMT
location: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
request-time: 1
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
70 KB 131ms
66ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK847ZP

Requested by

Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e21932ec9f0be9777d2073a3d2598d7588d985c428793d79efd28efe6949114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71006
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 17:07:48 GMT

GET
H2 200 ec-bundle.0.bbbdf8b9c77cbd21cd58.css
express-simple.com/ 2 KB
932 B 522ms
521ms Stylesheet
text/css 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.0.bbbdf8b9c77cbd21cd58.css
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 47a007a04dc6c9481de97fb2d068c775bc1e748bf3f5787259927e57e84ab265

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"670-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaO3bP8L8psgLIcGcuDZ2%2BAafS8iVmuixJ09vZu6ykVJRQ1HqEuKEmCHhxqSbNpP8I4F4dN5H7GiovGwvUDPFz7L0YERjw0eLTJYu2dQkEYEsKj%2FOxT87Wee4L75HkruDAf4EEbYYLQHpn%2BtZRh4IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f33d6ca-CDG

GET
H2 200 ec-bundle.1.bbbdf8b9c77cbd21cd58.css
express-simple.com/ 2 KB
882 B 558ms
557ms Stylesheet
text/css 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.1.bbbdf8b9c77cbd21cd58.css
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 719caaffa480baa6fbe687d7b38cfb098d0482ce9a1a68aaba666f7f9e3159ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6aa-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMiv4HOMz1FzJjy8J4kL9y1Tpp7kmZ6O60zjofoBBhq85N11WAPU8zTwUembsIs6CB%2BXBCc6S4GmMzL9LWHZ5jexfzY%2B99QH2xUgmrEuDmHr5DSENvpb4DlO9tC8gXPQ4pM4Ej45%2BiUPbR3V11Ry9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f36d6ca-CDG

GET
H2 200 ec-bundle.generic.bbbdf8b9c77cbd21cd58.css
express-simple.com/ 63 KB
12 KB 768ms
767ms Stylesheet
text/css 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.generic.bbbdf8b9c77cbd21cd58.css
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5f112db3d2031681b755e6af0c53daf6ce3d0dc1bb24ad67e4e2a84cab162cc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fde7-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CrsPACmskC2xI7EBwur%2B3U891keL%2FI%2Bd%2BH0oCVSm7azY%2Bd6Sllf2KiHmBmH%2BEv5BfDjmdYrTGMfeFIjn6FTiDQ73DsnH1maN51PWezUl8P%2FDWUkY8DZne%2FgkmKilOwUL8VLLWSa020pGDuQgRuaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f37d6ca-CDG

GET
H2 200 email-decode.min.js Show response
express-simple.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-simple.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1%2FgGBOBPvEDL301yY8Z3gKHHnwv4rYxI1BYFTuc319dU%2BaVwr%2FO0H6DWG33zNtFhiZ0EyZRjTWkOdzXiohDtQmeFvKiDGNNSTjKziCjamztQohj5xuuznPRqcQG98gIqQTivcuKdBrversH1EKfQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 791bce548f39d6ca-CDG
expires: Wed, 01 Feb 2023 17:07:48 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 127 KB
40 KB 148ms
48ms Script
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b3c5d889df342043b51f2548a827a0dc28c4729f425811d4d997e8403cb2e2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:48:34 GMT
x-amz-version-id: Tpp7xk8GthYtMNnKhBWhgk3zxRCHMaeT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-request-id: NT33FZ4BZK9EWAY5
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 11955
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: QtxitBiLmyL4MNRXrnDtKNzjdjHHIThq3tbCQ02N9cpbY16vsVmjnhCvBpMYrQZZ93wLIYyDwu8=
last-modified: Mon, 30 Jan 2023 13:26:07 GMT
server: AmazonS3
etag: W/"dd413053dcd5baf8d0ed007e05fc153b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: 5766AYe8PqfDS1zJG5g899cq91ICRY6KwXDAH2CFVeOqKJQe7Old5w==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 167 KB
55 KB 152ms
60ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBTZkPIJGH5xdf0_oGeXzUN_PAo4SeLn8o&v=quarterly

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c52d92f0eca4e522c1c9a62853277bb05b6ed385aba30b51b31dcad5980e0e41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:48 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=33
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55842
x-xss-protection: 0
expires: Mon, 30 Jan 2023 17:37:48 GMT

GET
H2 200 ec-bundle.vendor.077376a09f9e85dd47d9.js Show response
express-simple.com/ 669 KB
203 KB 1353ms
1352ms Script
application/javascript 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.vendor.077376a09f9e85dd47d9.js
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e4e7a6a719b1e0cd09692d35a2c426c076b0cb872151f573a3e229c9dadc96ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a753f-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjGnI2PDAH8AXYwHA8WFS7Uk7jbzYAlG1ckJ27I%2BXur6anSz%2Bz2axhJD%2FnkfhxyhfD7WLgxaNYTlW0UvcsVst5aJ66rZXtk7Xw3BD2ilppvHSKjN9nUeOzdTgOx%2F5DPPWy8ZSSw5UORsgO1gUvVLrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f3ad6ca-CDG

GET
H2 200 ec-bundle.core.779e37efba3e521cd998.js Show response
express-simple.com/ 412 KB
95 KB 1136ms
1135ms Script
application/javascript 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.core.779e37efba3e521cd998.js
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 04b885d4e7b3563473cd456555f39fe4ad22c7ad07806d8307c5b37f73181ae7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"67017-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxlp2it5sw9%2F2AVJEFPKYXvT2f4FpAwdrYqmj42RS93YfiKFscBA1KiI5bRY9WpBLPrNhf1xzYIAqfroffwh2NqAdE0Q3weI851u6GJm0wJLspUYjhLiL%2FVCRvENMruTbeC%2F11W2BssfXjSsrrKhHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f3cd6ca-CDG

GET
H2 200 ec-bundle.generic.eda5c64c3ac6f359b180.js Show response
express-simple.com/ 69 KB
21 KB 773ms
772ms Script
application/javascript 2606:4700:20::681a:cd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-simple.com/ec-bundle.generic.eda5c64c3ac6f359b180.js
Requested by: Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 93c7f965d3a5d494afd4fbea3944d5e4cdb906f9203ec4ee3e5b6267b0cfef4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_medium=banner&utm_campaign=hibid-newsletter&utm_source=Iterable&utm_medium=email&utm_campaign=newsletter&utm_content=friday_1/27/23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Jan 2023 18:42:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11598-185c630c8a0"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DH5CHSIPTcl5ekn%2BzR24yl84tB0Y84vi%2BsZuhVJjCWGQUE%2Bdrq8JDZX3RwKfXBa9IGU9Z19ASP5xbmP9U4%2BUDSFv8u%2FP56QPdj5pTEdjRij6EKOtyuzIhuleusPl9lvHvlnxDY4fSi8FEsISBggnmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 791bce548f3dd6ca-CDG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 154ms
49ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK847ZP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2764
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 18:21:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 81ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 17:07:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gvjkiYFX793eQrwMEWKL+p/SiCVfe9toydq0aFoYDlIRCrqpi2KFaFUcY3Y4QxF+dfzdNGBqu9FubcMTukkS9A==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 82ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK847ZP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 30 Jan 2023 17:07:48 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E8BB4FC86204803AEBEA7696454BC6E Ref B: LON04EDGE0706 Ref C: 2023-01-30T17:07:48Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2P4YQKW342&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK847ZP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22757916240e89294b9fbd1cf05acfdf42e81d3a07d23e63beca4ef17afd833b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 17:07:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 83ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2P4YQKW342&gtm=2oe1p0&_p=189530401&cid=693994523.1675098469&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675098468&sct=1&seg=0&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&dt=Financing%20by%20Currency&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2P4YQKW342&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 17:07:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 141980866484966 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/141980866484966?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

872d6f93ec1d6eeb3443f8d3035ce856e03a3b9a0b6fe568c55f3812e9c29ada

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 17:07:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110172
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PSBymDK7c8oMG0E73M+P/ZCFn3TwttdsnIL4PnZya0/lxM28hLgVYWCLDtH74eSSPVo2UBd+/ieeoJ/ZIFtH3w==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 16019260.js Show response
bat.bing.com/p/action/ 0
117 B 107ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16019260.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 30 Jan 2023 17:07:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B61715ED95F24603AA23D06C8A852D9A Ref B: LON04EDGE0706 Ref C: 2023-01-30T17:07:48Z
x-cache: CONFIG_NOCACHE

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 60ms
59ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=189530401&t=pageview&_s=1&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&dp=%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACgBI~&jid=556347537&gjid=2145988750&cid=693994523.1675098469&tid=UA-136956044-1&_gid=388064588.1675098469&_r=1&_slc=1&gtm=2wg1p0TK847ZP&z=1705892881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-simple.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 17:07:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 78ms
26ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141980866484966&ev=PageView&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&rl=&if=false&ts=1675098468953&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675098468951.2130822685&it=1675098468862&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 17:07:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ewr0uym.css
use.typekit.net/ 17 KB
2 KB 286ms
174ms Stylesheet
text/css 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ewr0uym.css

Requested by

Host: express-simple.com
URL: https://express-simple.com/ec-bundle.generic.bbbdf8b9c77cbd21cd58.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ef6fe77279652a0f7bc1765b39e84371e7d921eaf4f3597e0bedca48d59d1dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 30 Jan 2023 17:07:49 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1548

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 446ms
45ms Stylesheet
text/css 2a02:26f0:11a::217:9a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ewr0uym&ht=tk&f=1069.1070.1071.1072.1073.1074.1075.1076.24349.24350.24351.24352.24353.24354.24355.24356.43307.43308.43309.43310.43311.43312.43313.43314&a=20940133&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ewr0uym.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/e18217/00000000000000003b9b3876/27/ 17 KB
17 KB 158ms
40ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e18217/00000000000000003b9b3876/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ewr0uym.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 010a2e14ae5270dda51ace31c665fa54a572e89a763019d2083333931fe6a5e4

Request headers

Referer: https://use.typekit.net/ewr0uym.css
Origin: https://express-simple.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
server: nginx
etag: "a326869c6c747484a07d4b5c4a3d13c708d57b90"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17216

GET
H2 200 l
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/ 17 KB
17 KB 161ms
43ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ewr0uym.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c

Request headers

Referer: https://use.typekit.net/ewr0uym.css
Origin: https://express-simple.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
server: nginx
etag: "d565fbd7462cbd43bdd44d30e039bca2154e8b6d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17176

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 93ms
39ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBTZkPIJGH5xdf0_oGeXzUN_PAo4SeLn8o&v=quarterly

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://express-simple.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 60ms
59ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=189530401&t=event&_s=1&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ForkFlow&ea=flowInitialized&_u=aCDACEABBAAAACgBI~&jid=801009708&gjid=1824620733&cid=693994523.1675098469&tid=UA-64962845-17&_gid=388064588.1675098469&_r=1&_slc=1&cd2=693994523.1675098469&cd1=1799b93e-19a2-4d3a-82dd-1c9c67e38b72&cd3=Sandhills&z=1022429306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-simple.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 17:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 60ms
60ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=189530401&t=event&_s=1&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ForkFlow&ea=flowInitialized&_u=aCDACEABBAAAACgBI~&jid=1324626265&gjid=657482364&cid=693994523.1675098469&tid=UA-136956044-1&_gid=388064588.1675098469&_r=1&cd2=693994523.1675098469&cd1=1799b93e-19a2-4d3a-82dd-1c9c67e38b72&cd3=Sandhills&z=687863196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-simple.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 17:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
41ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=189530401&t=pageview&_s=1&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&dp=%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_source%3DIterable%26utm_medium%3Dbanner%26utm_medium%3Demail%26utm_campaign%3Dhibid-newsletter%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%252F27%252F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABBAAAACgBI~&jid=&gjid=&cid=693994523.1675098469&tid=UA-136956044-1&_gid=388064588.1675098469&gtm=2wg1p0TK847ZP&z=1625657261

Requested by

Host: express-simple.com
URL: https://express-simple.com/hibid/?utm_source=merchant-owned&utm_source=Iterable&utm_medium=banner&utm_medium=email&utm_campaign=hibid-newsletter&utm_campaign=newsletter&utm_content=friday_1%2F27%2F23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 07:47:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33592
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 27ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141980866484966&ev=PageView&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_source%3DIterable%26utm_medium%3Dbanner%26utm_medium%3Demail%26utm_campaign%3Dhibid-newsletter%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%252F27%252F23&rl=&if=false&ts=1675098470207&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675098468951.2130822685&it=1675098468862&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 17:07:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Sf0x-VcyJS6PDfx7xdhGG_rEOqMU2VxQhRjVO2a7aDBRfwFjF-k1cyqOWOWHDBnTiOTyfwm7OCfqzyMX7BvPNcdyslqXG6bC6dUEWw
lh3.googleusercontent.com/ 16 KB
17 KB 177ms
41ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Sf0x-VcyJS6PDfx7xdhGG_rEOqMU2VxQhRjVO2a7aDBRfwFjF-k1cyqOWOWHDBnTiOTyfwm7OCfqzyMX7BvPNcdyslqXG6bC6dUEWw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3adcf299678e7cbb1e6d6bd26310ceeb5eee178f625d514a7b8b215dc214dddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16807
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 28 Jan 2023 19:58:54 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
41ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=189530401&t=event&_s=2&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ForkFlow&ea=flowStepReached&el=financeInfo&_u=aCDACEABBAAAACgBI~&jid=&gjid=&cid=693994523.1675098469&tid=UA-64962845-17&_gid=388064588.1675098469&cd2=693994523.1675098469&cd1=1799b93e-19a2-4d3a-82dd-1c9c67e38b72&cd3=Sandhills&z=681735968

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 07:47:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33592
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=189530401&t=event&_s=2&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&ul=en-us&de=UTF-8&dt=Financing%20by%20Currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ForkFlow&ea=flowStepReached&el=financeInfo&_u=aCDACEABBAAAACgBI~&jid=&gjid=&cid=693994523.1675098469&tid=UA-136956044-1&_gid=388064588.1675098469&cd2=693994523.1675098469&cd1=1799b93e-19a2-4d3a-82dd-1c9c67e38b72&cd3=Sandhills&z=3589429

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 07:47:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33592
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/97a068/00000000000000003b9b3877/27/ 19 KB
19 KB 45ms
45ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/97a068/00000000000000003b9b3877/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i1&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ewr0uym.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 264402101047518a92534411b2066f0c1eda7188e916da1acda8dc55320b1c58

Request headers

Referer: https://use.typekit.net/ewr0uym.css
Origin: https://express-simple.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
server: nginx
etag: "b9651426a860f2cf52e3bf561741a9708b926169"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19092

GET
H2 200 l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/ 18 KB
18 KB 41ms
40ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ewr0uym.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098

Request headers

Referer: https://use.typekit.net/ewr0uym.css
Origin: https://express-simple.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:07:50 GMT
server: nginx
etag: "e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18076

GET
H2 204 0
bat.bing.com/action/ 0
287 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16019260&tm=gtm002&Ver=2&mid=7cdef1e1-0a20-4360-b492-67057c169af2&sid=a05c2030a0c011eda00dab4be644dcf3&vid=a05c54c0a0c011ed9fe68737bbbd3d53&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Financing%20by%20Currency&p=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_source%3DIterable%26utm_medium%3Dbanner%26utm_medium%3Demail%26utm_campaign%3Dhibid-newsletter%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%252F27%252F23&r=&lt=3175&evt=pageLoad&sv=1&rn=584290

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 17:07:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0281D35220B544EFA69E7687B7226E51 Ref B: LON04EDGE0706 Ref C: 2023-01-30T17:07:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 82ms
29ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64962845-17&cid=693994523.1675098469&jid=801009708&gjid=1824620733&_gid=388064588.1675098469&_u=aCDACEABBAAAACgBI~&z=905230317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-simple.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 17:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 24ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141980866484966&ev=Microdata&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_source%3DIterable%26utm_medium%3Dbanner%26utm_medium%3Demail%26utm_campaign%3Dhibid-newsletter%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%252F27%252F23&rl=&if=false&ts=1675098470456&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financing%20by%20Currency%22%2C%22meta%3Adescription%22%3A%22Currency%3A%20your%20premier%20financing%20partner.%20Find%20out%20how%20much%20you%20qualify%20for%20in%20just%20minutes.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1675098468951.2130822685&it=1675098468862&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://express-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 17:07:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2P4YQKW342&gtm=2oe1p0&_p=189530401&cid=693994523.1675098469&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675098468&sct=1&seg=0&dl=https%3A%2F%2Fexpress-simple.com%2Fhibid%2F%3Futm_source%3Dmerchant-owned%26utm_medium%3Dbanner%26utm_campaign%3Dhibid-newsletter%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dnewsletter%26utm_content%3Dfriday_1%2F27%2F23&dt=Financing%20by%20Currency&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2P4YQKW342&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://express-simple.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 17:07:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://express-simple.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hibid.com/	1970-01-20 18:03:54	Name: iterableEndUserId Value: andrew.duncan%40struttandparker.com
.hibid.com/	1970-01-20 09:19:44	Name: iterableEmailCampaignId Value: 6028754
.hibid.com/	1970-01-20 09:19:44	Name: iterableTemplateId Value: 8116892
.hibid.com/	1970-01-20 09:19:44	Name: iterableMessageId Value: a080350031014a6c9e4cbdf82f7ba727
link.hibid.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 0462a65cdeaefc5dbbf4596d9e7d94fc540af86f-1675098467454-836fbf7d5c280a82346a96a3
.express-simple.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 5ec3660dbbcf57078a897de76089004c213dca1785862431d6497fd7dfddddf6
.express-simple.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 5ec3660dbbcf57078a897de76089004c213dca1785862431d6497fd7dfddddf6
.express-simple.com/	1970-01-20 18:54:18	Name: _ga Value: GA1.2.693994523.1675098469
.express-simple.com/	1970-01-20 09:19:44	Name: _gid Value: GA1.2.388064588.1675098469
.express-simple.com/	1970-01-20 09:18:18	Name: _gat_UA-136956044-1 Value: 1
.express-simple.com/	1970-01-20 11:27:54	Name: _fbp Value: fb.1.1675098468951.2130822685
.express-simple.com/	1970-01-20 09:18:18	Name: _gat Value: 1
.express-simple.com/	1970-01-20 09:18:18	Name: _gat_gCT Value: 1
.express-simple.com/	1970-01-20 09:19:44	Name: _uetsid Value: a05c2030a0c011eda00dab4be644dcf3
.express-simple.com/	1970-01-20 18:39:54	Name: _uetvid Value: a05c54c0a0c011ed9fe68737bbbd3d53
.bing.com/	1970-01-20 18:39:54	Name: MUID Value: 10D2B9A158EB6C591F4CAB0859CC6D8C
.express-simple.com/	1970-01-20 18:54:18	Name: _ga_2P4YQKW342 Value: GS1.1.1675098468.1.1.1675098471.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.plaid.com
connect.facebook.net
express-simple.com
lh3.googleusercontent.com
link.hibid.com
maps.googleapis.com
p.typekit.net
region1.google-analytics.com
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.18.3.41
2001:4860:4802:32::36
2606:4700:20::681a:cd8
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:400d:80c::200e
2a00:1450:4025:401::9b
2a02:26f0:11a::217:9a48
2a02:26f0:11a::217:9a4b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
65.9.66.20
010a2e14ae5270dda51ace31c665fa54a572e89a763019d2083333931fe6a5e4
04b885d4e7b3563473cd456555f39fe4ad22c7ad07806d8307c5b37f73181ae7
196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098
1b3c5d889df342043b51f2548a827a0dc28c4729f425811d4d997e8403cb2e2e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
22757916240e89294b9fbd1cf05acfdf42e81d3a07d23e63beca4ef17afd833b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264402101047518a92534411b2066f0c1eda7188e916da1acda8dc55320b1c58
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3adcf299678e7cbb1e6d6bd26310ceeb5eee178f625d514a7b8b215dc214dddc
47a007a04dc6c9481de97fb2d068c775bc1e748bf3f5787259927e57e84ab265
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f112db3d2031681b755e6af0c53daf6ce3d0dc1bb24ad67e4e2a84cab162cc2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e21932ec9f0be9777d2073a3d2598d7588d985c428793d79efd28efe6949114
719caaffa480baa6fbe687d7b38cfb098d0482ce9a1a68aaba666f7f9e3159ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872d6f93ec1d6eeb3443f8d3035ce856e03a3b9a0b6fe568c55f3812e9c29ada
93c7f965d3a5d494afd4fbea3944d5e4cdb906f9203ec4ee3e5b6267b0cfef4f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c52d92f0eca4e522c1c9a62853277bb05b6ed385aba30b51b31dcad5980e0e41
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e7a6a719b1e0cd09692d35a2c426c076b0cb872151f573a3e229c9dadc96ef
e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c
ef6fe77279652a0f7bc1765b39e84371e7d921eaf4f3597e0bedca48d59d1dee
f9c8df6af8d0a6e7d2bacf49fbe4b352dc87d0f81986c1464faef6c57ed0d07f

express-simple.com Open in urlscan Pro 2606:4700:20::681a:cd8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

86 %IPv6

12 Domains

14 Subdomains

13 IPs

6 Countries

843 kBTransfer

2654 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

express-simple.com Open in urlscan Pro
2606:4700:20::681a:cd8 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

13
IPs

6
Countries

843 kB
Transfer

2654 kB
Size

17
Cookies

38 HTTP transactions
0 data transactions