marshield.com Open in urlscan Pro
104.198.104.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://marshield.com/email-signup/
Effective URL:
https://marshield.com/email-signup/
Submission: On November 01 via api (November 1st 2023, 12:56:43 pm UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 32 domains to perform 115 HTTP transactions. The main IP is 104.198.104.14, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is marshield.com.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.

This is the only time marshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	104.198.104.14 104.198.104.14	15169 (GOOGLE) (GOOGLE)
3	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.23.239.105 23.23.239.105	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
19 25	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:212... 2600:9000:2127:e000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:b5cc:2b2f:4009:9fda	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.193.151.36 18.193.151.36	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.100.40 3.120.100.40	16509 (AMAZON-02) (AMAZON-02)
1	18.164.52.120 18.164.52.120	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
3 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.2.184.149 52.2.184.149	14618 (AMAZON-AES) (AMAZON-AES)
1	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.163.10 54.194.163.10	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.171.202.164 35.171.202.164	14618 (AMAZON-AES) (AMAZON-AES)
115	35

50 104.198.104.14 (The Dalles, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 14.104.198.104.bc.googleusercontent.com

marshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.23.239.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-239-105.compute-1.amazonaws.com

fs18.formsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.158.49 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:e000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:b5cc:2b2f:4009:9fda (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.151.36 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-151-36.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.100.40 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-40.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-120.cdg50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.184.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-184-149.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.163.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-163-10.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.202.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-202-164.compute-1.amazonaws.com

www.webtraxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	marshield.com 1 redirects marshield.com	488 KB
28	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4323 i.simpli.fi — Cisco Umbrella Rank: 3693 um.simpli.fi — Cisco Umbrella Rank: 795	18 KB
9	formsite.com fs18.formsite.com	38 KB
7	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	3 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	172 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6862	914 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	1 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2436 pbid.pro-market.net — Cisco Umbrella Rank: 7860	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	17 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	236 KB
2	webtraxs.com www.webtraxs.com — Cisco Umbrella Rank: 42499	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 560 d.agkn.com — Cisco Umbrella Rank: 755	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	712 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 882	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1749	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 886
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	236 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	7 KB
115	32

	Domain	Requested by
50	marshield.com	1 redirects marshield.com
25	um.simpli.fi	19 redirects marshield.com
9	fs18.formsite.com	marshield.com fs18.formsite.com
5	cdnjs.cloudflare.com	marshield.com cdnjs.cloudflare.com fs18.formsite.com
4	www.google.de	marshield.com
3	cm.g.doubleclick.net	3 redirects
3	fonts.googleapis.com	marshield.com
3	www.googleadservices.com	2 redirects marshield.com
3	www.googletagmanager.com	marshield.com www.googletagmanager.com
2	www.webtraxs.com	marshield.com
2	ib.adnxs.com	1 redirects marshield.com
2	loadm.exelator.com	1 redirects marshield.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects marshield.com
2	sync.1rx.io	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google.com	1 redirects marshield.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	tag.simpli.fi	marshield.com www.googletagmanager.com
1	us-u.openx.net	marshield.com
1	pixel.rubiconproject.com	marshield.com
1	idsync.rlcdn.com	marshield.com
1	ce.lijit.com	marshield.com
1	bcp.crwdcntrl.net	marshield.com
1	stags.bluekai.com	marshield.com
1	sync.bfmio.com	marshield.com
1	pbid.pro-market.net	marshield.com
1	sync.intentiq.com	marshield.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	marshield.com
1	eb2.3lift.com	marshield.com
1	sync.targeting.unrulymedia.com	marshield.com
1	s.ad.smaato.net	marshield.com
1	i.simpli.fi	tag.simpli.fi
1	maxcdn.bootstrapcdn.com	marshield.com
115	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
marsmetal.com
marskeel.com

Subject Issuer	Validity	Valid
marshield.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.formsite.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-03-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.webtraxs.com Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://marshield.com/email-signup/
Frame ID: 5177BAA42163273C8C77135A7D1A450E
Requests: 104 HTTP requests in this frame

Frame: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Frame ID: CFD5717ED3993B5B7E034B025A11F296
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Newsletter Signup | MarShield Custom Radiation Products

Page URL History Show full URLs

http://marshield.com/email-signup/ HTTP 301
https://marshield.com/email-signup/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

115
Requests

82 %
HTTPS

41 %
IPv6

32
Domains

40
Subdomains

35
IPs

6
Countries

1057 kB
Transfer

2835 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MarShieldRadiationShielding/

Search URL Search Domain Scan URL

URL: https://twitter.com/MarShield_TM

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2092767/

Search URL Search Domain Scan URL

URL: https://marsmetal.com/

Search URL Search Domain Scan URL

URL: https://marskeel.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://marshield.com/email-signup/ HTTP 301
https://marshield.com/email-signup/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.googleadservices.com/pagead/conversion/981307923/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM

Request Chain 74

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 75

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/2F652B6BC8B84C7EBF797193DE5FB764 HTTP 302
https://sync.1rx.io/usersync/simplifi/2F652B6BC8B84C7EBF797193DE5FB764?zcc=1&cb=1698843396653 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003

Request Chain 76

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=2F652B6BC8B84C7EBF797193DE5FB764&dongle=yf3

Request Chain 77

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 78

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 79

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2F652B6BC8B84C7EBF797193DE5FB764 HTTP 302
https://d.agkn.com/pixel/10751/?che=1698843396636&ip=217.114.218.22&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216853104687002417391 HTTP 302
https://um.simpli.fi/aa_px?sk=216853104687002417391 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 80

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 83

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2F652B6BC8B84C7EBF797193DE5FB764;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=2F652B6BC8B84C7EBF797193DE5FB764;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTE0NTYzMTI0MDQ5NjM5MzM1NDE= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELWhyc3xhrLXi1Gy1TurlT8&google_cver=1

Request Chain 84

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0&xl8blockcheck=1

Request Chain 86

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 87

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 88

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 89

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 90

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 91

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698843396280&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=BEtCZfOfFKW89u8P6cC1uAI&sscte=1&crd=&pscrd=IhMI87Gr6eyiggMVJZ79Bx1pYA0n HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6eyiggMVJZ79Bx1pYA0n&is_vtc=1&ocp_id=BEtCZfOfFKW89u8P6cC1uAI&cid=CAQSKQDICaaNbfU5jlNxPj0yqa1oia1hkzD9CEQliMdzsgIDXik6Z4NB1-uP&random=2244983858 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6eyiggMVJZ79Bx1pYA0n&is_vtc=1&ocp_id=BEtCZfOfFKW89u8P6cC1uAI&cid=CAQSKQDICaaNbfU5jlNxPj0yqa1oia1hkzD9CEQliMdzsgIDXik6Z4NB1-uP&random=2244983858&ipr=y

Request Chain 93

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=2F652B6BC8B84C7EBF797193DE5FB764 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 94

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2F652B6BC8B84C7EBF797193DE5FB764&expires=365

Request Chain 95

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2F652B6BC8B84C7EBF797193DE5FB764

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEN8AW2NqhdAfBsSgXS4PeBg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F652B6BC8B84C7EBF797193DE5FB764 HTTP 302
https://um.simpli.fi/g_match?id=

115 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
marshield.com/email-signup/
Redirect Chain

http://marshield.com/email-signup/
https://marshield.com/email-signup/

72 KB
15 KB

1058ms
571ms

Document
text/html

104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 090cf53b97f10d7516a7a821bbec97f2910c89504c48c31c397c1a68ba6bbfcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 12:56:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://marshield.com/wp-json/>; rel="https://api.w.org/" <https://marshield.com/wp-json/wp/v2/pages/5801>; rel="alternate"; type="application/json" <https://marshield.com/?p=5801>; rel=shortlink
pragma: no-cache
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://marshield.com/xmlrpc.php
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 01 Nov 2023 12:56:34 GMT
Keep-Alive: timeout=20
Location: https://marshield.com/email-signup/
Server: nginx

GET
H2 200 e90fd3f0-f53e-0138-7f66-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 3 KB
3 KB 104ms
27ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/e90fd3f0-f53e-0138-7f66-06b4c2516bae
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: fb40340ef3eb60b1c1147028bb303195ab41b16898a24279bf8b863dc83f339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:35 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F5OBETHhXW3iAtuSX-2C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 93ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981307923

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baa375dbe4452949b58d015873a8bb75bab290168aeb05d8e63d02b7582171f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72072
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 146ms
83ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

11f28e3999dc72c6036bcb378bc7a5f5a37188297c25e2eb52dad9a7eb1fdbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16772
x-xss-protection: 0
server: cafe
etag: 13943472904328739232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 bxslider-integration.min.css
marshield.com/wp-content/plugins/bxslider-integration/assets/css/ 3 KB
1 KB 173ms
166ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/bxslider-integration/assets/css/bxslider-integration.min.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d76d0bea321c064488febcdc7edb5f608a40af8b206e5da463e694cbf8edc157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 10 Oct 2016 16:53:29 GMT
server: nginx
etag: W/"57fbc789-c7b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 testimonials-widget.css
marshield.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/ 3 KB
852 B 188ms
181ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/testimonials-widget.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 03:02:46 GMT
server: nginx
etag: W/"6296d6d6-a1a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 testimonials-widget-premium.css
marshield.com/wp-content/plugins/testimonials-widget/assets/css/ 2 KB
689 B 198ms
191ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget-premium.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 03:02:46 GMT
server: nginx
etag: W/"6296d6d6-708"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 testimonials-widget-premium-form.css
marshield.com/wp-content/plugins/testimonials-widget/assets/css/ 466 B
419 B 261ms
255ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget-premium-form.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad73edbef737795259a75db8ad5c17bd45e0c64378db34bfe85ae48657a2532a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 03:02:46 GMT
server: nginx
etag: W/"6296d6d6-1d2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
marshield.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 172ms
166ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: nginx
etag: W/"64b7c573-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 blocks.style.build.css
marshield.com/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 187ms
180ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 06 Oct 2023 22:30:37 GMT
server: nginx
etag: W/"65208a8d-6c70"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 page-list.css
marshield.com/wp-content/plugins/page-list/css/ 1 KB
742 B 188ms
181ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/page-list/css/page-list.css?ver=5.6
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 13:44:15 GMT
server: nginx
etag: W/"645a4e2f-4e3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 81ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864, 617, 617
age: 2478424
cdn-cachedat: 2022-02-23 12:52:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4e642ef9e373fe7b62f817412bdd6cd2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81f44c747d969bec-FRA
cdn-requestpullsuccess: True

GET
H2 200 g1-screen.css
marshield.com/wp-content/themes/3clicks/css/ 213 KB
32 KB 260ms
253ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/css/g1-screen.css?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5f20223cb16e2fb14d2edd5f90d76d93c1e5df527503f5efa13a5166cc1e8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:27 GMT
server: nginx
etag: W/"5b4394ab-35350"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 g1-dynamic-style.css
marshield.com/wp-content/uploads/ 82 KB
10 KB 260ms
254ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 357677ae4f0eb815cf4960a4155712adcd4d2b1018a8ddf537beb3b2aecf25dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 04:49:03 GMT
server: nginx
etag: W/"5e97e3bf-1479e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 galleria.classic.css
marshield.com/wp-content/themes/3clicks/js/galleria/themes/classic/ 5 KB
1 KB 203ms
197ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/galleria/themes/classic/galleria.classic.css?respondjs=no&ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-122a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific-popup.css
marshield.com/wp-content/themes/3clicks/js/jquery.magnific-popup/ 7 KB
2 KB 551ms
546ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/jquery.magnific-popup/magnific-popup.css?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7246010b42d191df572ae4ebccc468d34d33214c220e878aa4c0a1ffb84a9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-1d07"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
marshield.com/wp-content/themes/3clicks-child-theme/ 21 KB
5 KB 552ms
546ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks-child-theme/style.css?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 37591ed9bc4ef1245600f1854f4f9d844114a3ffea19218a5e6d6ea744b71e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 13 Aug 2021 11:03:03 GMT
server: nginx
etag: W/"61165167-54f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 81ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:regular&subset=latin%2Clatin-ext

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 12:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
715 B 84ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular&subset=latin%2Clatin-ext

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 12:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&subset=latin%2Clatin-ext

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 12:25:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 front.min.css
marshield.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 551ms
546ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.11
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 06 Oct 2023 22:30:31 GMT
server: nginx
etag: W/"65208a87-14d6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 a3_lazy_load.min.css
marshield.com/wp-content/uploads/sass/ 127 B
295 B 469ms
463ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1611210563
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Thu, 21 Jan 2021 06:29:23 GMT
server: nginx
etag: W/"60091f43-7f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 front.css
marshield.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/ 26 KB
5 KB 551ms
546ms Stylesheet
text/css 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1683639851
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 13:44:11 GMT
server: nginx
etag: W/"645a4e2b-66d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
marshield.com/wp-includes/js/jquery/ 85 KB
31 KB 469ms
464ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
marshield.com/wp-includes/js/jquery/ 13 KB
5 KB 191ms
185ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bxslider-integration.min.js Show response
marshield.com/wp-content/plugins/bxslider-integration/assets/js/ 19 KB
5 KB 194ms
189ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/bxslider-integration/assets/js/bxslider-integration.min.js?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 973548c324e9e73f1abf946e4d986bcdf1c3710af5e585fa27b753fa7e757d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 10 Oct 2016 16:53:29 GMT
server: nginx
etag: W/"57fbc789-4cb1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr.custom.js Show response
marshield.com/wp-content/themes/3clicks/js/modernizr/ 5 KB
3 KB 208ms
202ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/modernizr/modernizr.custom.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66f055015f82536ffc6ce5cbcd261f1b1efb586e44f377ae7092c8afad4eef5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-150a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 front.min.js Show response
marshield.com/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 178ms
172ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.11
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 06 Oct 2023 22:30:31 GMT
server: nginx
etag: W/"65208a87-21fc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 front.min.js Show response
marshield.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/ 58 KB
17 KB 183ms
178ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1683639851
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 13:44:11 GMT
server: nginx
etag: W/"645a4e2b-e6f5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 respond.src.js Show response
marshield.com/wp-content/themes/3clicks/js/respond/ 9 KB
4 KB 468ms
463ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/respond/respond.src.js
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f703c67d9324180d10d5332f7ec495a6d071944baede8c59e5e263f38613189d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-259c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 70ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14566563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDayfeK6utGr0W%2FwiKNCAcIpd27hSdJ8gBtld6C0CiUnzBfu8D5xKxFKrNRU6DeBMyxQThffsh2edYgYnioky0hmWL%2BYiuqEzv%2FrAerhNnWmdRVrKAqWcBV2u%2FSfPLiouh9RBQjTtwFrRBzHxj2l6Cba"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f44c746a3a9019-FRA
expires: Mon, 21 Oct 2024 12:56:35 GMT

GET
H2 200 MarsShieldLogo-2020-new.png
marshield.com/wp-content/uploads/2020/04/ 65 KB
65 KB 550ms
545ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2020/04/MarsShieldLogo-2020-new.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 915c32ae2ef8a5bfed3d6cd555721adf61e34af8aaa63e2ca36a733277160881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Thu, 16 Apr 2020 04:48:13 GMT
server: nginx
etag: "5e97e38d-10394"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66452

GET
H2 200 marshield-logo-mb.png
marshield.com/wp-content/uploads/2018/09/ 7 KB
7 KB 550ms
545ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/09/marshield-logo-mb.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0f01ec5e2ba0373c423f0018bfd83171d22c45db8f0dd8db1f999ed0afda91b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Wed, 17 Oct 2018 19:08:28 GMT
server: nginx
etag: "5bc788ac-1a0b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6667

GET
H2 200 Email.jpg
marshield.com/wp-content/uploads/2013/04/ 30 KB
30 KB 518ms
514ms Image
image/jpeg 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2013/04/Email.jpg
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55edfc6c6c34fa4691102e87745559221915414e7bc8b989238f10fc581abe7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Sun, 02 Apr 2017 17:59:43 GMT
server: nginx
etag: "58e13c0f-77d9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30681

GET
H2 200 embedManager.js Show response
fs18.formsite.com/include/form/ 4 KB
2 KB 518ms
126ms Script
application/javascript 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/embedManager.js?1343818185
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2195b4631346532f2561259dd19e97de66e94a3789368e2c2ddd88e76fb73b56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Mon, 12 Jun 2023 18:15:08 GMT
server: Apache
etag: "1042-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1509
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 logo-footer-marsmetal.png
marshield.com/wp-content/uploads/2018/10/ 12 KB
13 KB 177ms
171ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/10/logo-footer-marsmetal.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d272ed78613aba5831957ef77fe75348d6d51f4309873786ae5c05cbb76bf68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Tue, 11 Dec 2018 18:57:51 GMT
server: nginx
etag: "5c1008af-31f9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12793

GET
H2 200 logo-footer-marshield.png
marshield.com/wp-content/uploads/2018/10/ 6 KB
6 KB 185ms
178ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/10/logo-footer-marshield.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4afcc2cf4b1b83898d7bffe62300d16d9ce15d300469a9dcd154614dae50d39c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Tue, 11 Dec 2018 18:58:00 GMT
server: nginx
etag: "5c1008b8-17f3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6131

GET
H2 200 logo-footer-marskeel.png
marshield.com/wp-content/uploads/2018/10/ 5 KB
6 KB 186ms
181ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/10/logo-footer-marskeel.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52418e37a2c5ba8e42f537dda073d7e1bda89134c81fb9a8196772683e5ede71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
last-modified: Mon, 29 Oct 2018 12:46:11 GMT
server: nginx
etag: "5bd70113-15f4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5620

GET
H2 200 mpp-frontend.js Show response
marshield.com/wp-content/plugins/metronet-profile-picture/js/ 331 B
435 B 184ms
179ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Fri, 06 Oct 2023 22:30:37 GMT
server: nginx
etag: W/"65208a8d-14b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.js Show response
marshield.com/wp-content/themes/3clicks/js/ 97 KB
20 KB 193ms
188ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/main.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 58e258825cdf45afe5669acfa7aa6b2356501253d74735311b88856a7cb1b76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-18308"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.touchSwipe.min.js Show response
marshield.com/wp-content/themes/3clicks/js/jquery.touchSwipe/ 8 KB
3 KB 333ms
328ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/jquery.touchSwipe/jquery.touchSwipe.min.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0285bb4d715e7448d640231351e0662c4e8d1e60cff4568a67b44e73ecc0b9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-2046"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 galleria-1.2.9.min.js Show response
marshield.com/wp-content/themes/3clicks/js/galleria/ 60 KB
21 KB 336ms
331ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/galleria/galleria-1.2.9.min.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1774da0999d279475a423611a7f9bc8ae6cec114a259de1009eadff08fe2babb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-f0c6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 galleria.classic.js Show response
marshield.com/wp-content/themes/3clicks/js/galleria/themes/classic/ 3 KB
1 KB 373ms
368ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/galleria/themes/classic/galleria.classic.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0d7cca78c9dc6e52b97a77e27752dc43039117aa047b37935d4bacf29bce3a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-a98"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 g1-simple-sliders.js Show response
marshield.com/wp-content/themes/3clicks/lib/g1-simple-sliders/js/ 43 KB
7 KB 336ms
332ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/lib/g1-simple-sliders/js/g1-simple-sliders.js?ver=1.0.0
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a179811456f4314bacb90419f319b24c7a076974874075f9348e68a41d661d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-ac79"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.metadata.js Show response
marshield.com/wp-content/themes/3clicks/js/jquery-metadata/ 5 KB
2 KB 349ms
345ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/jquery-metadata/jquery.metadata.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e38ccf96deb41ef93f4d9c1941ec9eb8e746fbe94b9166ad5096fc2353b1d0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-13f8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.easing.1.3.js Show response
marshield.com/wp-content/themes/3clicks/js/easing/ 8 KB
2 KB 352ms
348ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/easing/jquery.easing.1.3.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-1fa1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 breakpoints.js Show response
marshield.com/wp-content/themes/3clicks/js/breakpoints/ 3 KB
1 KB 366ms
361ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/breakpoints/breakpoints.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b87896dab2836aca547259bd9adcf8db67665da3b586025caec200211fef2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Wed, 17 Oct 2018 19:08:26 GMT
server: nginx
etag: W/"5bc788aa-dc7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.carouFredSel-6.2.1-packed.js Show response
marshield.com/wp-content/themes/3clicks/js/carouFredSel/ 53 KB
14 KB 352ms
348ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/carouFredSel/jquery.carouFredSel-6.2.1-packed.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9cdbebb93c076de37e208742a252641c50a5a527efcee16fd18dff10f237e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-d5fc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 waypoints.min.js Show response
marshield.com/wp-content/themes/3clicks/js/jquery-waypoints/ 8 KB
3 KB 350ms
346ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/jquery-waypoints/waypoints.min.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-1f6c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 skrollr.min.js Show response
marshield.com/wp-content/themes/3clicks/js/skrollr/ 8 KB
4 KB 353ms
349ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/skrollr/skrollr.min.js?ver=0.5.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8aeafa76776756ae7875602d56770e5c274515e4f7ce92c03e09a92520256256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-20ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.magnific-popup.min.js Show response
marshield.com/wp-content/themes/3clicks/js/jquery.magnific-popup/ 18 KB
7 KB 368ms
364ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks/js/jquery.magnific-popup/jquery.magnific-popup.min.js?ver=3.14
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b3091d3c2b03ee2f4ec571501927cc6d3af0ad0c511fafb178762b5b8e73f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 09 Jul 2018 17:00:28 GMT
server: nginx
etag: W/"5b4394ac-46ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modifications.js Show response
marshield.com/wp-content/themes/3clicks-child-theme/ 52 B
271 B 371ms
367ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-content/themes/3clicks-child-theme/modifications.js?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8337a9b32c60bcb7ddfa08fc4e3688827c3fe36746ed66f91d62c29960750ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Mon, 10 Oct 2016 16:53:28 GMT
server: nginx
etag: W/"57fbc788-34"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
74 KB 42ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TG7NCBL

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc2922cce859800339fd6d6de6a8f562f5a831f96fb623e6408bad74e6871144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75786
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981307923/ 3 KB
2 KB 134ms
79ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981307923/?random=1698843395358&cv=11&fst=1698843395358&bg=ffffff&guid=ON&async=1&gtm=45be3au1&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&hn=www.googleadservices.com&frm=0&auid=1770667128.1698843395&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981307923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5970dcf93bccac14d905da6ee515fd5d0941438bf9344db3a52b8797a4be9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981307923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Nov 2023 13:47:43 GMT

GET
BLOB 200
OK a134c4d5-d15e-4a59-afb3-f9a83fae8996
https://marshield.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://marshield.com/a134c4d5-d15e-4a59-afb3-f9a83fae8996
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 top-bar-bg.jpg
marshield.com/wp-content/uploads/2018/08/ 4 KB
4 KB 368ms
368ms Image
image/jpeg 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/08/top-bar-bg.jpg
Requested by: Host: marshield.com
URL: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc588d53a18c2c0e124c8e383516aaf77878e7a252909ddc5ba839c4fb77fff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
last-modified: Wed, 17 Oct 2018 19:08:27 GMT
server: nginx
etag: "5bc788ab-e4d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3661

GET
H2 200 nav-bg.jpg
marshield.com/wp-content/uploads/2018/08/ 3 KB
3 KB 364ms
364ms Image
image/jpeg 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/08/nav-bg.jpg
Requested by: Host: marshield.com
URL: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7010a9c41bbba0e6f8d0e5dd9999601210e86da98cf2037e60a3d93536ada77a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
last-modified: Wed, 17 Oct 2018 19:08:27 GMT
server: nginx
etag: "5bc788ab-adc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2780

GET
H2 200 precontent-bg-grey.jpg
marshield.com/wp-content/uploads/2018/09/ 24 KB
24 KB 336ms
336ms Image
image/jpeg 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/09/precontent-bg-grey.jpg
Requested by: Host: marshield.com
URL: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3167bb626651fb9cc3a0675da95f282ee1f318feb941e2e763724d760e4677c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
last-modified: Wed, 17 Oct 2018 19:08:28 GMT
server: nginx
etag: "5bc788ac-5f7b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 24443

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 73ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:regular&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://marshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 22:15:00 GMT
x-content-type-options: nosniff
age: 52895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 22:15:00 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 56ms
31ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://marshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 768355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=554lhAWL1z86ynbQBBU1XjlEbT5KhPvzhCSJ6V8Xgk9YCFjsvwsg9Ed84RPXgkQLo13l6YRimxS7yWTwLtrLjnb2xQ5sNb3DJbJHcWW5X9jLqiPirrjXwY0wo7cPpWei%2BXwSBj6xmsOJE3B6sYmyJ%2BVS"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f44c782ae38ff4-FRA
expires: Mon, 21 Oct 2024 12:56:35 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://marshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:18:21 GMT
x-content-type-options: nosniff
age: 499094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:18:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q3EMDQ8QHQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG7NCBL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e12974f390571f486ff1f0ff3df5e61c55c11187b0575912f2f1a5d86b1421e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 12:56:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 310ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG7NCBL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 11:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3904
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 13:51:32 GMT

GET
H2 200 e90fd3f0-f53e-0138-7f66-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 3 KB
3 KB 27ms
26ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/e90fd3f0-f53e-0138-7f66-06b4c2516bae
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG7NCBL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: fb40340ef3eb60b1c1147028bb303195ab41b16898a24279bf8b863dc83f339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:35 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F5OBEVfuy7SnkMvMa9hB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 09:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 09:47:43 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981307923/ 42 B
455 B 285ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981307923/?random=1698843395358&cv=11&fst=1698840000000&bg=ffffff&guid=ON&async=1&gtm=45be3au1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=215100039&rmt_tld=0&ipr=y

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/981307923/ 42 B
455 B 284ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/981307923/?random=1698843395358&cv=11&fst=1698840000000&bg=ffffff&guid=ON&async=1&gtm=45be3au1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=215100039&rmt_tld=1&ipr=y

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 807 B
1 KB 46ms
26ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=272974&cb=sifi_att_62908555193185._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/e90fd3f0-f53e-0138-7f66-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 6abe831bd73eedd314e1a8cbbc9cfd432c456f556a8160396241f8cc4fc68214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: openresty
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 27ms
26ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=37564606&t=pageview&_s=1&dl=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&ul=en-us&de=UTF-8&dt=Email%20Newsletter%20Signup%20%7C%20MarShield%20Custom%20Radiation%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=329106648&gjid=1375284096&cid=563063697.1698843396&tid=UA-3049467-1&_gid=2103284174.1698843396&_r=1&_slc=1&gtm=45He3au1n81TG7NCBLv812502395&gcd=11l1l1l1l1&z=886986512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/981307923/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM

80 B
244 B

28ms
28ms

XHR
application/json

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8003815335&cl=e9BRCJjk8X8Qk6T20wM
access-control-allow-origin: https://marshield.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 248ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q3EMDQ8QHQ&gtm=45je3au1v876853908z8812502395&_p=37564606&_gaz=1&gcd=11l1l1l1l1&cid=563063697.1698843396&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698843396&sct=1&seg=0&dl=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&dt=Email%20Newsletter%20Signup%20%7C%20MarShield%20Custom%20Radiation%20Products&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3EMDQ8QHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 247ms
25ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q3EMDQ8QHQ&cid=563063697.1698843396&gtm=45je3au1v876853908z8812502395&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3EMDQ8QHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q3EMDQ8QHQ&cid=563063697.1698843396&gtm=45je3au1v876853908z8812502395&aip=1&z=1565660881

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 245ms
24ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3049467-1&cid=563063697.1698843396&jid=329106648&gjid=1375284096&_gid=2103284174.1698843396&_u=YEBAAEAAAAAAACAAI~&z=1057989882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Nov 2023 12:56:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2F652B6BC8B84C7EBF797193DE5FB764

0
236 B

184ms
67ms

Image
text/plain

2600:9000:2127:e000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 2600:9000:2127:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
cache-control: no-cache, must-revalidate
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: Cw-H3Qq1y8_OarBk2iq8MX2kIprTMA0LdtjKThYYHMAuTH-B9ZcbPw==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/2F652B6BC8B84C7EBF797193DE5FB764
https://sync.1rx.io/usersync/simplifi/2F652B6BC8B84C7EBF797193DE5FB764?zcc=1&cb=1698843396653
https://sync.targeting.unrulymedia.com/csync/RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003

43 B
378 B

89ms
27ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003
pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=2F652B6BC8B84C7EBF797193DE5FB764&dongle=yf3

37 B
140 B

71ms
20ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=2F652B6BC8B84C7EBF797193DE5FB764&dongle=yf3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=2F652B6BC8B84C7EBF797193DE5FB764&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=2F652B6BC8B84C7EBF797193DE5FB764

43 B
175 B

379ms
111ms

Image
image/gif

2600:1f18:612b:4280:b5cc:2b2f:4009:9fda
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 2600:1f18:612b:4280:b5cc:2b2f:4009:9fda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 01 Nov 2023 12:56:36 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764

95 B
429 B

40ms
37ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=2F652B6BC8B84C7EBF797193DE5FB764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=2F652B6BC8B84C7EBF797193DE5FB764
https://d.agkn.com/pixel/10751/?che=1698843396636&ip=217.114.218.22&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216853104687002417391
https://um.simpli.fi/aa_px?sk=216853104687002417391
https://um.simpli.fi/empty.gif

43 B
361 B

27ms
27ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2F652B6BC8B84C7EBF797193DE5FB764

0
0

140ms
29ms

Image
text/html

18.164.52.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 18.164.52.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-120.cdg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 33ms
30ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 37ms
35ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=2F652B6BC8B84C7EBF797193DE5FB764;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=2F652B6BC8B84C7EBF797193DE5FB764;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTE0NTYzMTI0MDQ5NjM5MzM1NDE=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELWhyc3xhrLXi1Gy1TurlT8&google_cver=1

43 B
389 B

54ms
34ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELWhyc3xhrLXi1Gy1TurlT8&google_cver=1
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELWhyc3xhrLXi1Gy1TurlT8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0&xl8blockcheck=1

0
755 B

50ms
49ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0&xl8blockcheck=1
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 01 Nov 2023 12:56:37 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=2F652B6BC8B84C7EBF797193DE5FB764&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 51ms
49ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=2F652B6BC8B84C7EBF797193DE5FB764

0
421 B

536ms
123ms

Image
text/plain

52.2.184.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: HTTP/1.1
Server: 52.2.184.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-184-149.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 01 Nov 2023 12:56:36 GMT

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=2F652B6BC8B84C7EBF797193DE5FB764

62 B
445 B

262ms
175ms

Image
image/gif

88.221.168.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 88.221.168.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 01 Nov 2023 12:56:36 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

404

tpid=2F652B6BC8B84C7EBF797193DE5FB764
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2F652B6BC8B84C7EBF797193DE5FB764

49 B
265 B

178ms
47ms

Image
image/gif

54.194.163.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 54.194.163.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.65
content-length: 49
expires: 0

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=2F652B6BC8B84C7EBF797193DE5FB764

0
311 B

116ms
31ms

Image
text/plain

216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: HTTP/1.1
Server: 216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 01 Nov 2023 12:56:36 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=2F652B6BC8B84C7EBF797193DE5FB764

0
98 B

114ms
28ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1698843396280&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6e...

42 B
108 B

34ms
34ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6eyiggMVJZ79Bx1pYA0n&is_vtc=1&ocp_id=BEtCZfOfFKW89u8P6cC1uAI&cid=CAQSKQDICaaNbfU5jlNxPj0yqa1oia1hkzD9CEQliMdzsgIDXik6Z4NB1-uP&random=2244983858&ipr=y

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1352408209&cv=7&fst=1698843396280&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI87Gr6eyiggMVJZ79Bx1pYA0n&is_vtc=1&ocp_id=BEtCZfOfFKW89u8P6cC1uAI&cid=CAQSKQDICaaNbfU5jlNxPj0yqa1oia1hkzD9CEQliMdzsgIDXik6Z4NB1-uP&random=2244983858&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 53ms
51ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=2F652B6BC8B84C7EBF797193DE5FB764
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2F652B6BC8B84C7EBF797193DE5FB764

43 B
896 B

66ms
61ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2F652B6BC8B84C7EBF797193DE5FB764

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
an-x-request-uuid: 8a5a33d9-07eb-4594-bfad-b22d74fca324
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.22; 217.114.218.22; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
an-x-request-uuid: 70ccd0e6-6ff1-486e-8a1d-cb0c0840eb3f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2F652B6BC8B84C7EBF797193DE5FB764
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2F652B6BC8B84C7EBF797193DE5FB764&expires=365

0
239 B

128ms
26ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2F652B6BC8B84C7EBF797193DE5FB764&expires=365
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2F652B6BC8B84C7EBF797193DE5FB764&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=2F652B6BC8B84C7EBF797193DE5FB764

43 B
264 B

120ms
34ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2F652B6BC8B84C7EBF797193DE5FB764
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=2F652B6BC8B84C7EBF797193DE5FB764
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 31 Oct 2023 12:56:36 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEN8AW2NqhdAfBsSgXS4PeBg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F652B6BC8B84C7EBF797193DE5FB764
https://um.simpli.fi/g_match?id=

0
320 B

31ms
31ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: marshield.com
URL: https://marshield.com/email-signup/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 31 Oct 2023 12:56:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showFormEmbed Show response
fs18.formsite.com/res/ Frame CFD5 21 KB
5 KB 375ms
374ms Document
text/html 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/include/form/embedManager.js?1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a6e68f58f368ffae072bcf6e48118a9aaa9321f139c0defafdde829b09578fc1

Request headers

Referer: https://marshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 4844
content-type: text/html;charset=UTF-8
date: Wed, 01 Nov 2023 12:56:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 footer-bg.jpg
marshield.com/wp-content/uploads/2018/09/ 13 KB
13 KB 169ms
169ms Image
image/jpeg 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2018/09/footer-bg.jpg
Requested by: Host: marshield.com
URL: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a6cf6e5243b92016f75f091a59ec19b8ab5775db4f3628656113b7bb4436e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/wp-content/uploads/g1-dynamic-style.css?respondjs=no&ver=3.14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
last-modified: Wed, 17 Oct 2018 19:08:28 GMT
server: nginx
etag: "5bc788ac-3520"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13600

GET
H2 200 wp-emoji-release.min.js Show response
marshield.com/wp-includes/js/ 18 KB
5 KB 193ms
193ms Script
application/javascript 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marshield.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
etag: W/"63db0985-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wt.php Show response
www.webtraxs.com/ 4 KB
1 KB 406ms
113ms Script
application/javascript 35.171.202.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webtraxs.com/wt.php
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.171.202.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-202-164.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) PHP/5.6.40 / PHP/5.6.40
Resource Hash: 8145caaca8e3d422072be3542612905069f43e1066943459cfb4e5782e79aba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: cache
date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
server: Apache/2.4.54 (Amazon) PHP/5.6.40
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 1263
expires: Wed, 01 Nov 2023 14:56:36 GMT

GET
H2 200 MarsShieldLogo-2020-new.png
marshield.com/wp-content/uploads/2020/04/ 65 KB
65 KB 171ms
170ms Image
image/png 104.198.104.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshield.com/wp-content/uploads/2020/04/MarsShieldLogo-2020-new.png
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.104.14 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 14.104.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 915c32ae2ef8a5bfed3d6cd555721adf61e34af8aaa63e2ca36a733277160881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/email-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
last-modified: Thu, 16 Apr 2020 04:48:13 GMT
server: nginx
etag: "5e97e38d-10394"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66452

GET
H2 200 webtraxs.php
www.webtraxs.com/ 43 B
280 B 431ms
430ms Image
image/gif 35.171.202.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webtraxs.com/webtraxs.php?id=marshield&referer=&r=1600x1200&c=24&showme=n&st=img&title=Email%20Newsletter%20Signup%20%7C%20MarShield%20Custom%20Radiation%20Products&url=https%3A//marshield.com/email-signup/
Requested by: Host: marshield.com
URL: https://marshield.com/email-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.171.202.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-202-164.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) PHP/5.6.40 / PHP/5.6.40
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 01 Nov 2023 12:56:37 GMT
server: Apache/2.4.54 (Amazon) PHP/5.6.40
x-powered-by: PHP/5.6.40
content-length: 43
p3p: CP="NOI DSP COR ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/ Frame CFD5 31 KB
7 KB 26ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.min.css

Requested by

Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a4e11935f5ea4aef82c0b7ab7a0ce43a99b90a2f15ee4b38c2eb75a38cbeb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8406690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6550
last-modified: Thu, 22 Jun 2023 11:06:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1f-1996"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR0iGi2f1fV0nA7hocstYWokcksO9G0KmvUVnHRRJ25q2NCVkR%2B1n4vuTjtuvLGmSa1HyDZlxrQZnJIvSW%2FzRz46GYgZe5z4TaGn35a3pKjUJx7GSxTMsNl6Ca4jpAq2cq8PoJtYmNSJvHAvdsYgDA9z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f44c7e99289019-FRA
expires: Mon, 21 Oct 2024 12:56:36 GMT

GET
H2 200 fonts9.css
fs18.formsite.com/include/form/ Frame CFD5 20 KB
5 KB 235ms
233ms Stylesheet
text/css 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/fonts9.css?1601750850571
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ccf67cb9b9dd4939bbc5926c84a059b38137c25d157462aa5c456d6076b3aeb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 18:39:07 GMT
server: Apache
etag: "4e6d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4207
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 screen9.css
fs18.formsite.com/include/form/ Frame CFD5 28 KB
10 KB 121ms
119ms Stylesheet
text/css 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/screen9.css?1601750850571
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9d7ae1814032545d4d67e39d41dc4368b5b8013320a45b139c1c2deace91a82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 15:06:11 GMT
server: Apache
etag: "71ac-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9833
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 responsive9.css
fs18.formsite.com/include/form/ Frame CFD5 3 KB
1 KB 116ms
114ms Stylesheet
text/css 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/responsive9.css?1601750850571
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 971b7c72db30fb7ea2c61531397ebee2958d45ff4a0bdbd9c3e8b9382f562ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 18:39:07 GMT
server: Apache
etag: "c0e-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 891
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ Frame CFD5 85 KB
27 KB 26ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4879236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27446
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64ed75bb-6b36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIr2EtAkcgvN8odQfhOU5ofZRT2HzmC0ujwZ6bqNbARtib2zDAHmpogS8kE1m%2FY5MPEkelhh%2FCbw0TjVXOcgg6oXanmqKy%2FPxUKMC1txCa5oaygwgK6lqGAyqzcd1o2guvDGj3OcQr03FnZWJWeCUYP9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f44c7e992a9019-FRA
expires: Mon, 21 Oct 2024 12:56:36 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/ Frame CFD5 249 KB
56 KB 28ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js

Requested by

Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13361757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56990
last-modified: Fri, 29 Jul 2022 20:40:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62e445d5-de9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClWTYl84n78cLchbZxXwqJ%2BqBRmZG1pUHu6GKuaRVfVA1gT9V5L6Oi%2F8R4DR%2F2JKBPoTR7%2FtTCMnjoCIFzUOT08WU3v67%2BZHTnpwFAqm0G9DbfxXrAmBWUV0nr2ppMO4pO3H6dsMsrWARy9L7h6BNh9w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f44c7e992c9019-FRA
expires: Mon, 21 Oct 2024 12:56:36 GMT

GET
H2 200 jquery.mask.min.js Show response
fs18.formsite.com/include/form/ Frame CFD5 8 KB
4 KB 230ms
229ms Script
application/javascript 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/jquery.mask.min.js
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Thu, 06 Jul 2023 15:11:41 GMT
server: Apache
etag: "2087-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3446
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 form9.js Show response
fs18.formsite.com/include/form/ Frame CFD5 28 KB
8 KB 235ms
234ms Script
application/javascript 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/form9.js?1601750850571
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6661c9a5a9ee4a9182496d93c620a3b74f255dcedf1160a36586a8c4a1b87885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 18:20:49 GMT
server: Apache
etag: "6f8d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7643
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 embed.js Show response
fs18.formsite.com/include/form/ Frame CFD5 2 KB
1 KB 230ms
229ms Script
application/javascript 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/embed.js
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 16:25:53 GMT
server: Apache
etag: "8fe-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 855
expires: Wed, 08 Nov 2023 12:56:36 GMT

GET
H2 200 print9.css
fs18.formsite.com/include/form/ Frame CFD5 395 B
778 B 117ms
116ms Stylesheet
text/css 23.23.239.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs18.formsite.com/include/form/print9.css?1601750850571
Requested by: Host: fs18.formsite.com
URL: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.239.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-239-105.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 261cbaa4a097cdfdc132c94ea073dee500515db2ced41e1b710272f9a035b9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs18.formsite.com/res/showFormEmbed?EParam=B6fiTn%2BRcO6Suvza%2FVEGGZyVOhTxx49YFzpUCZwnDno%3D&1343818185&EmbedId=1343818185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:56:37 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 18:39:07 GMT
server: Apache
etag: "18b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 216
expires: Wed, 08 Nov 2023 12:56:37 GMT

GET
DATA 200
OK truncated
/ Frame CFD5 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f28bd26f125af76b3906251555fbd664c6ce2f2cdb5799f1c7231b84e207367

Request headers

Referer
Origin: https://fs18.formsite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q3EMDQ8QHQ&gtm=45je3au1v876853908&_p=37564606&gcd=11l1l1l1l1&cid=563063697.1698843396&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1698843396&sct=1&seg=0&dl=https%3A%2F%2Fmarshield.com%2Femail-signup%2F&dt=Email%20Newsletter%20Signup%20%7C%20MarShield%20Custom%20Radiation%20Products&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3EMDQ8QHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 12:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fs18.formsite.com/res	1969-12-31 23:59:59	Name: JSESSIONID Value: 419B2053783321500D09B704C9C8EE27
.simpli.fi/	1970-01-21 00:41:05	Name: suid Value: 2F652B6BC8B84C7EBF797193DE5FB764
.marshield.com/	1970-01-20 18:03:39	Name: _gcl_au Value: 1.1.1770667128.1698843395
.marshield.com/	1970-01-20 15:55:29	Name: _gid Value: GA1.2.2103284174.1698843396
.marshield.com/	1970-01-20 15:54:03	Name: _gat_UA-3049467-1 Value: 1
.simpli.fi/	1970-01-20 16:04:08	Name: uid_syncd_secure Value: true
.marshield.com/	1970-01-21 01:30:03	Name: _ga Value: GA1.1.563063697.1698843396
.marshield.com/	1970-01-21 01:30:03	Name: _ga_Q3EMDQ8QHQ Value: GS1.1.1698843396.1.0.1698843396.60.0.0
marshield.com/	1969-12-31 23:59:59	Name: g1_preheader_open_on_startup Value: false
.doubleclick.net/	1970-01-21 01:15:39	Name: IDE Value: AHWqTUkc67y-iSQ28WYhMKj5ztwsRV9OivlRsseSKSgsy3p7vsBM30X_S_lFaPYYdh0
.agkn.com/	1970-01-21 00:39:39	Name: ab Value: 0001%3AWpQbUjfU%2BpUXX9i%2BE85Dr%2FSsLEHkElFi
.tapad.com/	1970-01-20 17:20:27	Name: TapAd_TS Value: 1698843396637
.tapad.com/	1970-01-20 17:20:27	Name: TapAd_DID Value: 53eb8ff0-b6f2-4150-a997-1cd13e44be1d
.1rx.io/	1970-01-21 00:39:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003%22%7D
.adnxs.com/	1970-01-20 18:03:39	Name: uuid2 Value: 7304555376262872031
.tapad.com/	1970-01-20 17:20:27	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 18:46:51	Name: EE Value: "e8fd9107835ae8739a8edb878a25f860"
.adnxs.com/	1970-01-20 18:03:39	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Hb7F%vH<!@wnfH8KW.dG5<#Z0wDwEsuG?p5cD?E:AN9rhwpJHNA!'G%fmtqO5ZuEl8W[]eK8L#DI2Z#DIgl#XseGgsK:$
.agkn.com/	1970-01-21 00:39:39	Name: u Value: C\|0AAAAAAAALNUHhAAAAAAA
.targeting.unrulymedia.com/	1970-01-21 00:39:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-20a9e920-4170-4b4c-a935-c5cf6231a69b-003%22%7D
.exelator.com/	1970-01-20 18:46:51	Name: ud Value: "eJxrXxzq6XKLQSHVIi3F0tDA3MLYNDHVwtzYMtEiNSXJwtwi0cg0zcLMYHFZatGCpaXFQMFDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpsaGixJL8oM32Ri%252BviopQ0hkUlxaeCjx6tBgCfriqM"
.bluekai.com/	1970-01-20 20:16:08	Name: bku Value: blx999HnxZPxlz1O
.bluekai.com/	1970-01-20 20:16:08	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEJsBMD0xMjYxpCYmeHeB6PYHMz8BpW816HaBDjYBpR69y9gzyFw
.pro-market.net/	1970-01-20 16:37:15	Name: anHistory Value: "-b2bfnuwjhsh1+2+!#7%.%I![U7"
.pro-market.net/	1970-01-20 20:13:15	Name: anProfile Value: "-b2bfnuwjhsh1+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000011+s2=(s3g3yc)+vm=24-2F652B6BC8B84C7EBF797193DE5FB764:53-CAESELWhyc3xhrLXi1Gy1TurlT8"
.bfmio.com/	1970-01-21 00:39:39	Name: __141_cid Value: 2F652B6BC8B84C7EBF797193DE5FB764
.bfmio.com/	1970-01-21 00:39:39	Name: __io_cid Value: 29e69ac47501ab7cc93fe644da8d60c9552b5e93
fs18.formsite.com/	1970-01-20 16:04:08	Name: AWSALBCORS Value: cdw3yQfW0voPMtPM+9vQE8QALabul9RnLfekLKobgRO3VszApLqz0numF64aTUO+6OyDVHKVsi5ldllsgtSJAoewn2b5o6Bk6qZ4b19gRTEQ2drGMZA0RJz6kHnV

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=2F652B6BC8B84C7EBF797193DE5FB764 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=2F652B6BC8B84C7EBF797193DE5FB764 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=2F652B6BC8B84C7EBF797193DE5FB764 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fs18.formsite.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
marshield.com
maxcdn.bootstrapcdn.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.webtraxs.com
104.198.104.14
142.250.185.162
142.250.186.130
18.164.52.120
18.193.151.36
185.89.211.12
2001:4860:4802:32::36
216.52.2.48
23.23.239.105
2600:1901:0:8eee::
2600:1f18:612b:4280:b5cc:2b2f:4009:9fda
2600:9000:2127:e000:1b:5138:8a40:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9d
3.120.100.40
34.111.113.62
34.98.64.218
35.171.202.164
35.204.158.49
35.204.89.238
35.244.174.68
46.228.174.117
52.2.184.149
54.194.163.10
54.78.254.47
69.173.144.165
76.223.111.18
88.221.168.166
0285bb4d715e7448d640231351e0662c4e8d1e60cff4568a67b44e73ecc0b9c3
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
090cf53b97f10d7516a7a821bbec97f2910c89504c48c31c397c1a68ba6bbfcc
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d7cca78c9dc6e52b97a77e27752dc43039117aa047b37935d4bacf29bce3a18
0e12974f390571f486ff1f0ff3df5e61c55c11187b0575912f2f1a5d86b1421e
0f01ec5e2ba0373c423f0018bfd83171d22c45db8f0dd8db1f999ed0afda91b6
11f28e3999dc72c6036bcb378bc7a5f5a37188297c25e2eb52dad9a7eb1fdbe6
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
1774da0999d279475a423611a7f9bc8ae6cec114a259de1009eadff08fe2babb
2195b4631346532f2561259dd19e97de66e94a3789368e2c2ddd88e76fb73b56
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
261cbaa4a097cdfdc132c94ea073dee500515db2ced41e1b710272f9a035b9ce
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3167bb626651fb9cc3a0675da95f282ee1f318feb941e2e763724d760e4677c8
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
357677ae4f0eb815cf4960a4155712adcd4d2b1018a8ddf537beb3b2aecf25dc
37591ed9bc4ef1245600f1854f4f9d844114a3ffea19218a5e6d6ea744b71e24
3a6cf6e5243b92016f75f091a59ec19b8ab5775db4f3628656113b7bb4436e15
3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4afcc2cf4b1b83898d7bffe62300d16d9ce15d300469a9dcd154614dae50d39c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52418e37a2c5ba8e42f537dda073d7e1bda89134c81fb9a8196772683e5ede71
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55edfc6c6c34fa4691102e87745559221915414e7bc8b989238f10fc581abe7c
58e258825cdf45afe5669acfa7aa6b2356501253d74735311b88856a7cb1b76a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f20223cb16e2fb14d2edd5f90d76d93c1e5df527503f5efa13a5166cc1e8dde
6661c9a5a9ee4a9182496d93c620a3b74f255dcedf1160a36586a8c4a1b87885
66f055015f82536ffc6ce5cbcd261f1b1efb586e44f377ae7092c8afad4eef5e
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2
68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e
6abe831bd73eedd314e1a8cbbc9cfd432c456f556a8160396241f8cc4fc68214
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f28bd26f125af76b3906251555fbd664c6ce2f2cdb5799f1c7231b84e207367
7010a9c41bbba0e6f8d0e5dd9999601210e86da98cf2037e60a3d93536ada77a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b87896dab2836aca547259bd9adcf8db67665da3b586025caec200211fef2ff
8145caaca8e3d422072be3542612905069f43e1066943459cfb4e5782e79aba9
8337a9b32c60bcb7ddfa08fc4e3688827c3fe36746ed66f91d62c29960750ed6
8aeafa76776756ae7875602d56770e5c274515e4f7ce92c03e09a92520256256
915c32ae2ef8a5bfed3d6cd555721adf61e34af8aaa63e2ca36a733277160881
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
971b7c72db30fb7ea2c61531397ebee2958d45ff4a0bdbd9c3e8b9382f562ea1
973548c324e9e73f1abf946e4d986bcdf1c3710af5e585fa27b753fa7e757d9e
9b3091d3c2b03ee2f4ec571501927cc6d3af0ad0c511fafb178762b5b8e73f0d
9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8
9d7ae1814032545d4d67e39d41dc4368b5b8013320a45b139c1c2deace91a82e
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a179811456f4314bacb90419f319b24c7a076974874075f9348e68a41d661d44
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028
a6e68f58f368ffae072bcf6e48118a9aaa9321f139c0defafdde829b09578fc1
a9a4e11935f5ea4aef82c0b7ab7a0ce43a99b90a2f15ee4b38c2eb75a38cbeb6
ad73edbef737795259a75db8ad5c17bd45e0c64378db34bfe85ae48657a2532a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5970dcf93bccac14d905da6ee515fd5d0941438bf9344db3a52b8797a4be9d7
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
baa375dbe4452949b58d015873a8bb75bab290168aeb05d8e63d02b7582171f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3
cc588d53a18c2c0e124c8e383516aaf77878e7a252909ddc5ba839c4fb77fff6
ccf67cb9b9dd4939bbc5926c84a059b38137c25d157462aa5c456d6076b3aeb7
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e
d272ed78613aba5831957ef77fe75348d6d51f4309873786ae5c05cbb76bf68d
d76d0bea321c064488febcdc7edb5f608a40af8b206e5da463e694cbf8edc157
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc2922cce859800339fd6d6de6a8f562f5a831f96fb623e6408bad74e6871144
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e38ccf96deb41ef93f4d9c1941ec9eb8e746fbe94b9166ad5096fc2353b1d0f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7246010b42d191df572ae4ebccc468d34d33214c220e878aa4c0a1ffb84a9dd
e9cdbebb93c076de37e208742a252641c50a5a527efcee16fd18dff10f237e36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f703c67d9324180d10d5332f7ec495a6d071944baede8c59e5e263f38613189d
fb40340ef3eb60b1c1147028bb303195ab41b16898a24279bf8b863dc83f339e
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

marshield.com Open in urlscan Pro 104.198.104.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

82 %HTTPS

41 %IPv6

32 Domains

40 Subdomains

35 IPs

6 Countries

1057 kBTransfer

2835 kBSize

28 Cookies

5 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

marshield.com Open in urlscan Pro
104.198.104.14 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

82 %
HTTPS

41 %
IPv6

32
Domains

40
Subdomains

35
IPs

6
Countries

1057 kB
Transfer

2835 kB
Size

28
Cookies

115 HTTP transactions
1 data transactions