urlscan.io logo urlscan.io
SecurityTrails logo

greenearthmedicinals.com Open in urlscan Pro
192.200.160.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://greenearthmedicinals.com/
Effective URL: https://greenearthmedicinals.com/
Submission: On March 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 7 countries across 62 domains to perform 132 HTTP transactions. The main IP is 192.200.160.248, located in United States and belongs to BIGCOMMERCE, US. The main domain is greenearthmedicinals.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 26th 2022. Valid for: a year.
This is the only time greenearthmedicinals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 192.200.160.248 399566 (BIGCOMMERCE)
3 151.101.194.133 54113 (FASTLY)
1 104.96.160.100 16625 (AKAMAI-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
17 63.141.128.3 399566 (BIGCOMMERCE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2600:9000:219... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.53.168 16509 (AMAZON-02)
7 13.224.189.60 16509 (AMAZON-02)
4 34.111.131.117 396982 (GOOGLE-CL...)
2 2.18.79.146 20940 (AKAMAI-ASN1)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 3.232.242.170 14618 (AMAZON-AES)
3 104.96.147.196 16625 (AKAMAI-AS)
1 18.185.10.205 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
10 92.123.37.164 16625 (AKAMAI-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
2 34.90.223.176 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 18.207.63.238 14618 (AMAZON-AES)
18 23 35.204.74.118 396982 (GOOGLE-CL...)
1 13.248.245.213 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 3 34.111.113.62 396982 (GOOGLE-CL...)
2 2 52.31.108.116 16509 (AMAZON-02)
2 2 18.198.137.63 16509 (AMAZON-02)
1 13.225.78.15 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
3 35.244.174.68 15169 (GOOGLE)
1 3 18.198.69.109 16509 (AMAZON-02)
1 34.230.110.36 14618 (AMAZON-AES)
2 23.203.125.189 16625 (AKAMAI-AS)
1 3 52.214.84.249 16509 (AMAZON-02)
2 216.52.2.16 32475 (SINGLEHOP...)
1 1 142.250.180.226 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 185.94.180.125 35220 (SPOTX-AMS)
2 3 185.89.210.212 29990 (ASN-APPNEX)
2 69.173.144.165 26667 (RUBICONPR...)
2 35.244.159.8 15169 (GOOGLE)
5 6 142.250.186.98 15169 (GOOGLE)
1 2 185.29.134.244 30419 (MEDIAMATH...)
1 185.64.190.80 ()
1 2 52.58.252.202 ()
1 2 185.80.39.216 ()
1 2 3.126.56.137 ()
2 2 35.156.231.131 ()
1 37.157.6.254 ()
1 69.166.1.12 ()
1 2.18.79.136 ()
1 185.86.138.150 ()
1 2606:4700:10:... ()
1 2 3.125.140.71 ()
1 2 35.186.194.101 ()
1 23.62.220.135 ()
1 1 35.171.218.28 ()
1 54.73.101.116 ()
1 1 3.81.190.229 ()
1 2600:1f18:ed:... ()
1 2 52.49.158.101 ()
1 162.19.138.116 ()
1 34.96.122.219 ()
132 64
4    192.200.160.248 (United States)

ASN399566 (BIGCOMMERCE, US)
greenearthmedicinals.com
store-52n5lzto02.mybigcommerce.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
analytics.getshogun.com
lib.getshogun.com
1    104.96.160.100 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-160-100.deploy.static.akamaitechnologies.com
chimpstatic.com
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
api.goaffpro.com
1    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    63.141.128.3 (United States)

ASN399566 (BIGCOMMERCE, US)
cdn11.bigcommerce.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20eb:ea00:f:5e39:d380:93a1 (United States)

ASN16509 (AMAZON-02, US)
widget.sezzle.com
3    2600:9000:2190:6800:4:56e3:6bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.getshogun.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.216.53.168 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
7    13.224.189.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-60.fra2.r.cloudfront.net
downloads.mailchimp.com
4    34.111.131.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.131.111.34.bc.googleusercontent.com
bes.gcp.data.bigcommerce.com
2    2.18.79.146 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-146.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    2a02:26f0:f700:4::212:4f11 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
i.shgcdn.com
5    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com
app.pixelpop.co
3    104.96.147.196 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-196.deploy.static.akamaitechnologies.com
mc.us16.list-manage.com
1    18.185.10.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-10-205.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
2    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
10    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    2600:9000:20eb:7400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    34.90.223.176 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    2606:4700:10::6816:62d (United States)

ASN13335 (CLOUDFLARENET, US)
p1.zemanta.com
1    2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    18.207.63.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-63-238.compute-1.amazonaws.com
rp4.liadm.com
23    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4264:93ee:1683:39f:87a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.31.108.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-108-116.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    18.198.137.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-137-63.eu-central-1.compute.amazonaws.com
d.agkn.com
1    13.225.78.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-15.fra2.r.cloudfront.net
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
1    34.230.110.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-110-36.compute-1.amazonaws.com
sync.bfmio.com
2    23.203.125.189 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    52.214.84.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-84-249.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
2    52.58.252.202 (None, )

ASN- ()
ad.360yield.com
2    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
2    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
2    35.156.231.131 (None, )

ASN- ()
x.bidswitch.net
1    37.157.6.254 (None, )

ASN- ()
cm.adform.net
1    69.166.1.12 (None, )

ASN- ()
sync.go.sonobi.com
1    2.18.79.136 (None, )

ASN- ()
ads.stickyadstv.com
1    185.86.138.150 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
2    3.125.140.71 (None, )

ASN- ()
ih.adscale.de
2    35.186.194.101 (None, )

ASN- ()
ad.sxp.smartclip.net
1    23.62.220.135 (None, )

ASN- ()
su.addthis.com
1    35.171.218.28 (None, )

ASN- ()
usermatch.krxd.net
1    54.73.101.116 (None, )

ASN- ()
beacon.krxd.net
1    3.81.190.229 (None, )

ASN- ()
i.liadm.com
1    2600:1f18:ed:550a:603b:acd7:290f:c7dd (None, )

ASN- ()
i6.liadm.com
2    52.49.158.101 (None, )

ASN- ()
dpm.demdex.net
1    162.19.138.116 (None, )

ASN- ()
id5-sync.com
1    34.96.122.219 (None, )

ASN- ()
mcusercontent.com
Apex Domain
Subdomains		 Transfer
25 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4081
i.simpli.fi — Cisco Umbrella Rank: 3208
um.simpli.fi — Cisco Umbrella Rank: 730
14 KB
21 bigcommerce.com
cdn11.bigcommerce.com — Cisco Umbrella Rank: 8610
bes.gcp.data.bigcommerce.com — Cisco Umbrella Rank: 13479
770 KB
12 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 991
sync.mathtag.com — Cisco Umbrella Rank: 459
13 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
2 KB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 12074
105 KB
6 getshogun.com
analytics.getshogun.com — Cisco Umbrella Rank: 12003
cdn.getshogun.com — Cisco Umbrella Rank: 25047
lib.getshogun.com — Cisco Umbrella Rank: 35272
102 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2618
rp.liadm.com — Cisco Umbrella Rank: 1487
rp4.liadm.com — Cisco Umbrella Rank: 6869
i.liadm.com
i6.liadm.com
14 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
23 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 481
d.agkn.com — Cisco Umbrella Rank: 678
2 KB
4 pixelpop.co
app.pixelpop.co — Cisco Umbrella Rank: 69863
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
3 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
2 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 858
sync.crwdcntrl.net
1 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1412
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 342
149 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
1 KB
3 list-manage.com
mc.us16.list-manage.com — Cisco Umbrella Rank: 118149
23 KB
3 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2303
bs.serving-sys.com — Cisco Umbrella Rank: 1400
77 KB
3 greenearthmedicinals.com
greenearthmedicinals.com
33 KB
2 demdex.net
dpm.demdex.net
2 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
500 B
2 smartclip.net
ad.sxp.smartclip.net
863 B
2 adscale.de
ih.adscale.de
628 B
2 bidswitch.net
x.bidswitch.net
883 B
2 yahoo.com
ups.analytics.yahoo.com
500 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 360yield.com
ad.360yield.com
841 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
eu-u.openx.net
379 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
478 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 869
622 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494
820 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2077
825 B
2 shgcdn.com
i.shgcdn.com — Cisco Umbrella Rank: 26697
73 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 856
85 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
ajax.googleapis.com — Cisco Umbrella Rank: 306
68 KB
1 mcusercontent.com
mcusercontent.com
1 id5-sync.com
id5-sync.com
1 KB
1 addthis.com
su.addthis.com
95 B
1 zeotap.com
mwzeom.zeotap.com
383 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 stickyadstv.com
ads.stickyadstv.com
699 B
1 sonobi.com
sync.go.sonobi.com
533 B
1 adform.net
cm.adform.net
163 B
1 pubmatic.com
image2.pubmatic.com
556 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6149
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
659 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
537 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1622
421 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1205
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 5853
183 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
140 B
1 zemanta.com
p1.zemanta.com — Cisco Umbrella Rank: 13946
160 B
1 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 4407
230 B
1 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 4538
247 B
1 amazonaws.com
s3.amazonaws.com
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
30 KB
1 mybigcommerce.com
store-52n5lzto02.mybigcommerce.com
4 KB
1 sezzle.com
widget.sezzle.com — Cisco Umbrella Rank: 17521
290 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
44 KB
1 goaffpro.com
api.goaffpro.com — Cisco Umbrella Rank: 58571
4 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4612
2 KB
0 semasio.net Failed
se.semasio.net Failed
132 62
Domain Requested by
23 um.simpli.fi 18 redirects
17 cdn11.bigcommerce.com greenearthmedicinals.com
cdn11.bigcommerce.com
10 pixel.mathtag.com secure-ds.serving-sys.com
pixel.mathtag.com
greenearthmedicinals.com
7 downloads.mailchimp.com greenearthmedicinals.com
downloads.mailchimp.com
6 cm.g.doubleclick.net 5 redirects
5 www.google-analytics.com cdn11.bigcommerce.com
www.google-analytics.com
4 app.pixelpop.co cdn11.bigcommerce.com
4 bes.gcp.data.bigcommerce.com greenearthmedicinals.com
3 ib.adnxs.com 2 redirects
3 sync.search.spotxchange.com 1 redirects
3 loadm.exelator.com 1 redirects
3 idsync.rlcdn.com
3 pixel.tapad.com 1 redirects
3 mc.us16.list-manage.com downloads.mailchimp.com
3 cdn.getshogun.com greenearthmedicinals.com
3 greenearthmedicinals.com 1 redirects greenearthmedicinals.com
2 dpm.demdex.net 1 redirects
2 sync.crwdcntrl.net 1 redirects
2 ad.sxp.smartclip.net 1 redirects
2 ih.adscale.de 1 redirects
2 x.bidswitch.net 2 redirects
2 ups.analytics.yahoo.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ad.360yield.com 1 redirects
2 sync.mathtag.com 1 redirects
2 pixel.rubiconproject.com
2 ce.lijit.com
2 stags.bluekai.com
2 fei.pro-market.net 2 redirects
2 d.agkn.com 2 redirects
2 aa.agkn.com 2 redirects
2 stats.g.doubleclick.net cdn11.bigcommerce.com
2 i.shgcdn.com cdn.getshogun.com
greenearthmedicinals.com
2 secure-ds.serving-sys.com greenearthmedicinals.com
cdn11.bigcommerce.com
2 use.fontawesome.com greenearthmedicinals.com
use.fontawesome.com
2 analytics.getshogun.com analytics.getshogun.com
1 mcusercontent.com
1 id5-sync.com
1 i6.liadm.com
1 i.liadm.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 su.addthis.com
1 mwzeom.zeotap.com
1 rtb-csync.smartadserver.com
1 ads.stickyadstv.com
1 sync.go.sonobi.com
1 cm.adform.net
1 eu-u.openx.net
1 image2.pubmatic.com
1 us-u.openx.net
1 www.google.de
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 bcp.crwdcntrl.net
1 sync.bfmio.com
1 sync.intentiq.com
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 i.simpli.fi tag.simpli.fi
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 p1.zemanta.com greenearthmedicinals.com
1 tag.simpli.fi secure-ds.serving-sys.com
1 b-code.liadm.com secure-ds.serving-sys.com
1 action.media6degrees.com greenearthmedicinals.com
1 action.dstillery.com 1 redirects
1 bs.serving-sys.com secure-ds.serving-sys.com
1 s3.amazonaws.com greenearthmedicinals.com
1 ajax.googleapis.com greenearthmedicinals.com
1 code.jquery.com greenearthmedicinals.com
1 store-52n5lzto02.mybigcommerce.com greenearthmedicinals.com
1 lib.getshogun.com greenearthmedicinals.com
1 widget.sezzle.com greenearthmedicinals.com
1 www.googletagmanager.com greenearthmedicinals.com
1 fonts.googleapis.com
1 api.goaffpro.com
1 chimpstatic.com
0 se.semasio.net Failed
132 80

This site contains links to these domains. Also see Links.

Domain
www.plthealth.com
www.youtube.com
brandmagicmarketing.com
Subject Issuer Validity Valid
greenearthmedicinals.com
Encryption Everywhere DV TLS CA - G1		 2022-11-26 -
2023-11-25		 a year crt.sh
*.getshogun.com
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-15 -
2023-11-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.bigcommerce.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-23 -
2024-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
widget.sezzle.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-07-06		 4 months crt.sh
*.mybigcommerce.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-22 -
2023-09-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
downloads.mailchimp.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-08-03		 5 months crt.sh
bes.gcp.data.bigcommerce.com
GTS CA 1D4		 2023-02-03 -
2023-05-04		 3 months crt.sh
secure-ds.serving-sys.com
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
i.shgcdn.com
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
app.pixelpop.co
R3		 2023-01-09 -
2023-04-09		 3 months crt.sh
wildcardsan.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-06-29		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-02-14 -
2023-05-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2022-05-02 -
2023-05-09		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
mcusercontent.com
GTS CA 1D4		 2023-02-09 -
2023-05-10		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://greenearthmedicinals.com/
Frame ID: 3CA396A1C267C9AEB53206D683F74D8A
Requests: 59 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: F31213CDC311F3842F8FBE530BD0076C
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: 24A2BC63B51C33ECE7EF6AE1FD77F5CA
Requests: 3 HTTP requests in this frame

Frame: https://action.media6degrees.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Frame ID: C2CF32FE857BC801676B6DD223C98386
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/event/js?mt_id=1539462&mt_adid=244980&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Frame ID: 8FC885E745C38BFDADFA3BCA3475F6F8
Requests: 2 HTTP requests in this frame

Frame: https://b-code.liadm.com/a-04rr.min.js
Frame ID: 1E3B0919ACBA39A95E7BA00F25F5ED55
Requests: 2 HTTP requests in this frame

Frame: https://tag.simpli.fi/sifitag/a138c0e0-9a26-0138-7803-06b4c2516bae
Frame ID: D336FBF53D0C36B9949C913C359531F1
Requests: 23 HTTP requests in this frame

Frame: https://p1.zemanta.com/p/9335/9188/
Frame ID: 3587B5E2BC8A6729A4B9F4B530117BA6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
Frame ID: A465446CF1F72A9B4C123824D60CF2EB
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Green Earth Med - Sale

Page URL History Show full URLs

  1. http://greenearthmedicinals.com/ HTTP 301
    https://greenearthmedicinals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link href=[^>]+cdn\d+\.bigcommerce\.com/
  • cdn\d+\.bigcommerce\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

132
Requests

73 %
HTTPS

30 %
IPv6

62
Domains

80
Subdomains

64
IPs

7
Countries

1514 kB
Transfer

3504 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://greenearthmedicinals.com/ HTTP 301
    https://greenearthmedicinals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://action.dstillery.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 73
  • https://rp.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bundle HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6OQ%3D%3D&n3pc=true
Request Chain 77
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=882890158E674C82A2E651F7FC8AC5C3&dongle=yf3
Request Chain 78
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=882890158E674C82A2E651F7FC8AC5C3
Request Chain 79
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3
Request Chain 80
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=882890158E674C82A2E651F7FC8AC5C3 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1678068034404&ip=80.255.7.107&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219573204447000089606 HTTP 302
  • https://um.simpli.fi/aa_px?sk=219573204447000089606 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 81
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=882890158E674C82A2E651F7FC8AC5C3
Request Chain 84
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=882890158E674C82A2E651F7FC8AC5C3;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=882890158E674C82A2E651F7FC8AC5C3;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5430760717542210535
Request Chain 85
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0&xl8blockcheck=1
Request Chain 87
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=882890158E674C82A2E651F7FC8AC5C3
Request Chain 88
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=882890158E674C82A2E651F7FC8AC5C3
Request Chain 89
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=882890158E674C82A2E651F7FC8AC5C3
Request Chain 90
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=882890158E674C82A2E651F7FC8AC5C3
Request Chain 91
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=882890158E674C82A2E651F7FC8AC5C3
Request Chain 92
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1678068033772&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QkkFZIeeC_Hox_APvoGV2As&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QkkFZIeeC_Hox_APvoGV2As&cid=CAQSKQDUE5ymMAqu4GJXLDZeQAY8CbR_t0SphQNzBNQT76u6gtfVOjHbW-j4&random=2509033709 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QkkFZIeeC_Hox_APvoGV2As&cid=CAQSKQDUE5ymMAqu4GJXLDZeQAY8CbR_t0SphQNzBNQT76u6gtfVOjHbW-j4&random=2509033709&ipr=y&prhg=0
Request Chain 93
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3&__user_check__=1&sync_id=ae854b21-bbc2-11ed-b35d-1a7cb9e30506
Request Chain 94
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=882890158E674C82A2E651F7FC8AC5C3 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D882890158E674C82A2E651F7FC8AC5C3
Request Chain 95
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=882890158E674C82A2E651F7FC8AC5C3&expires=365
Request Chain 96
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=882890158E674C82A2E651F7FC8AC5C3
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEG-nt2gTTKoVcxsKLAK7kw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=882890158E674C82A2E651F7FC8AC5C3 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJNvexo9sATiNWB60T2mvZM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q
Request Chain 100
  • https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=1789764931393696120
Request Chain 103
  • https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
Request Chain 104
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd&C=1
Request Chain 105
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1&verify=true
Request Chain 107
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=668d6405-4942-4b00-89e9-0cf233f929dd&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=668d6405-4942-4b00-89e9-0cf233f929dd&expires=30 HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=bad8c8ff-8f24-4d3a-b4d3-9b54bfe687d3&adform_v=1
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEFA0YnMXBsNCKaGhWXNWW0A&google_cver=1
Request Chain 116
  • https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external HTTP 302
  • https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external&gdpr= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr= HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3949113043085031765&sInitiator=internal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=3949113043085031765&gdpr=&sInitiator=internal HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=1789764931393696120&sInitiator=internal&gdpr=
Request Chain 121
  • https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd&nut&uu=7da7c155a1844c5297f7e4763b0948ef
Request Chain 122
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd&ang_testid=1
Request Chain 124
  • https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
Request Chain 125
  • https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 303
  • https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd
Request Chain 126
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd&ct=y
Request Chain 127
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd
Request Chain 128
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=668d6405-4942-4b00-89e9-0cf233f929dd HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1678068036453&ip=80.255.7.107&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D219573204447000089606 HTTP 302
  • https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=219573204447000089606

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
greenearthmedicinals.com/
Redirect Chain
  • http://greenearthmedicinals.com/
  • https://greenearthmedicinals.com/
155 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.200.160.248 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec8a00815b83465a93afd7fa10e11b489d8db485fb3ea2cd86c3038cf9975a6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bc-ray
1
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a37015eaeeb163f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 02:00:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://analytics.getshogun.com/collector.js>; rel=preload; as=script, <https://chimpstatic.com/mcjs-connected/js/users/445460bb6dcefaf09207a94bb/f3af3dd1cda6e8fb6aab0f6dd.js>; rel=preload; as=script, <https://api.goaffpro.com/loader.js?shop=52n5lzto02>; rel=preload; as=script <https://cdn11.bigcommerce.com/s-52n5lzto02>; rel=preconnect; as=font; crossorigin=anonymous, <https://fonts.googleapis.com/>; rel=preconnect; as=font; crossorigin=anonymous, <https://fonts.gstatic.com/>; rel=preconnect; as=font; crossorigin=anonymous, <https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap>; rel=preload; as=style, <https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css>; rel=preload; as=style, <https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/vault-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css>; rel=preload; as=style, <https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/custom-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css>; rel=preload; as=style
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkgEQVn72A3n0WznSyzb4kReJt93vUOXIHTp4ARzwv3dEomS1jmgRrUrc6Wl3MQZ%2FXZ7VkX8%2BMRbffhvaQ1GzEx0aZhKIg%2FPeap3RvijVz%2B0chEQdymVmNbcCWb0gRv7p%2B5r6nfIeRJyJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-permitted-cross-domain-policies
none
x-request-id
dbd9d96bd7e79a3387b6a5bcb636f374

Redirect headers

BC-Ray
1
CF-Cache-Status
DYNAMIC
CF-RAY
7a37015c8bdd2ba0-FRA
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 02:00:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9jFtqnPBPecjUix5FemOGo%2BF%2BZUiO%2BA9Ahjn6mEOU8Bx9Mb1xb0bKxAzw4FL0QO40nrESeh9q4Jeqfmm9reTpTKSpvLDfnwwxyLVBM9DQvZgyf5wWjTgRXjHzieMu5IsU0%2BuIkTna%2BR5A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
location
https://greenearthmedicinals.com/
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-request-id
9051bdd8cc16165c4c3e85aba946ea55
collector.js
analytics.getshogun.com/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.getshogun.com/collector.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
676f3bf5e41aabc7485b081a018ec5342dac2d6aafdbeea9c04921098083c4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:29 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
2743
x-cache
HIT, HIT
content-length
18643
x-served-by
cache-lga21953-LGA, cache-hhn-etou8220065-HHN
last-modified
Fri, 02 Sep 2022 14:52:45 GMT
server
Cowboy
x-timer
S1678068030.915568,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1217, 88
f3af3dd1cda6e8fb6aab0f6dd.js
chimpstatic.com/mcjs-connected/js/users/445460bb6dcefaf09207a94bb/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/445460bb6dcefaf09207a94bb/f3af3dd1cda6e8fb6aab0f6dd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.160.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-160-100.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
717fed325fecdf50def340e5d0fb2c8a8659166a8ac9404056ad429d78c73a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
242, 96, 242, 381
Date
Mon, 06 Mar 2023 02:00:29 GMT
Content-Encoding
gzip
x-amz-request-id
YXYXGWG5BVTG8H4Z
X-EdgeConnect-MidMile-RTT
0, 0, 10, 11
Connection
keep-alive
Content-Length
1222
x-amz-id-2
rOM3Gzg6WpwHJskwonf2g1a/iDhLXg/fWHMQ7XW8lbKsUHZVLe1qs59tMNon9fVrG47zv0S2ASg=
Last-Modified
Wed, 07 Apr 2021 18:54:09 GMT
Server
AmazonS3
ETag
"39b55d8d27edb7e64372d5f4e6f9a157"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1745
Accept-Ranges
bytes
Expires
Mon, 06 Mar 2023 02:29:34 GMT
loader.js
api.goaffpro.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.goaffpro.com/loader.js?shop=52n5lzto02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dbbec42909b8362c43bc9e81c1475cdd3a280e7fa2df8c7a5d08d83f4f989e79
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:29 GMT
content-security-policy
default-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubdomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=12248
x-powered-by
Express
x-cache-status
MISS, MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1;mode=block
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
etag
W/"2fd8-jHx8lzT0dSVcjky9oDyPeezwDZQ"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4s1KPJai1Jb1Qu6KnQyQpbEF87ss%2FAPTFgmYxWzuIORlFvbiIKFxoFknuHnNpOIkTnN%2BwI%2FVyKTZlgIamb6FFlV9MbOPoW5fhW2Oi9LLuDW2xvPD5K9Nw%2F5Is40gIZW1Olh1gW9HIyrG%2BTPnIKd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7a370162f82430d0-FRA
css
fonts.googleapis.com/ 		2 KB
557 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 02:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:01:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 02:00:29 GMT
theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/ 		329 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf25d89aca1c61564e5eb9cd5b58f8fa2de9d1b799369f65ec5377ce021d9ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
bc-ray
1
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
1afa5249e4343699e3c61512ea250cb9
last-modified
Tue, 31 Jan 2023 23:23:54 GMT
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370162f8659214-FRA
vault-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/ 		108 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/vault-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742e570f2ed156b1750dd1f9abae5c9e239468e6bd3723aedd1a150c037f97d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
bc-ray
1
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
b32731ccc18774c7116fc3396bfe2fef
last-modified
Tue, 31 Jan 2023 23:23:52 GMT
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370162f8669214-FRA
custom-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/ 		0
46 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/custom-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
bc-ray
1
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
9a4a73acac095c1306f3a42b510eca6e
last-modified
Tue, 31 Jan 2023 23:23:52 GMT
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a370162f8679214-FRA
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106911449-1
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21250a667424e723560718394e1f0adc0b69a2787419009d7f94639d68322c27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44814
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Mar 2023 02:00:30 GMT
theme-bundle.head_async.js
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/dist/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/dist/theme-bundle.head_async.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f08917a9ed0a8979b59c7f20580f79abfe5c86aa8ae6507dc0fcc6429c88a8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:54 GMT
bc-ray
1
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a3701688eec368a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
41b75d856828e3bf848d6c610dcd96db
price-widget
widget.sezzle.com/v1/javascript/ 		50 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sezzle.com/v1/javascript/price-widget?uuid=7ce0a74f-2789-458c-bf73-1e9f7988435c
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ea00:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1cd23aeb2649d1166c5738555ad8ca8c6a4e108eaf320bd211ba685804228500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
text/javascript
content-length
50
x-amz-cf-id
2j90g4y2ElRUqg163pLG9-zdMvguUB14sJCSm_4JCauUnW0xN6sBYw==
gem200w_1599002593__32072.original.png
cdn11.bigcommerce.com/s-52n5lzto02/images/stencil/200x60/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/images/stencil/200x60/gem200w_1599002593__32072.original.png
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7c448404d08a3d3f4cf7d31b2e57ceb37459d57c32b1e5e2b76d565dd36bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-bc-is-ha
1
cf-cache-status
HIT
x-bc-origin-cache
MISS
bc-ray
1
cf-polished
origFmt=png, origSize=7775
content-disposition
inline; filename="gem200w_1599002593__32072.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5292
x-request-id
c5da947f93f4cbce72be5c9b92637883
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Mar 2023 23:31:17 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926, public
accept-ranges
bytes
cf-ray
7a3701688eed368a-FRA
expires
Sat, 02 Mar 2024 05:20:03 GMT
6401376e43fb4500cdeed044.css
cdn.getshogun.com/css-2023-02-28/ 		139 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getshogun.com/css-2023-02-28/6401376e43fb4500cdeed044.css
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6800:4:56e3:6bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f27cbb938e4953803fa9d0e8687e0cb6cf504e2f16be76fefac138ecc35fb37f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 09:03:31 GMT
content-encoding
gzip
via
1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 23:55:32 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
233820
etag
W/"5076ff03b373220c202d2f80a458867e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
x-amz-meta-surrogate-key
page_versions/9ba5e226-86f0-42f7-8801-fcdb2aeea6a3
x-amz-cf-id
6IK4xsDvKgTaql2OdT5CNu_DqfI_FHJ9V90pAkcPM6NOWgPo24b-Wg==
shogun-lazysizes.js
lib.getshogun.com/lazysizes/2.0.0/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.getshogun.com/lazysizes/2.0.0/shogun-lazysizes.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abb95f19dbed073e985d7fa2dc8d66d61d7fd5dc5ac073d25a654661d0ccc709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
1EG6YQ4C7ZJJ2ZMZ
age
2844
x-cache
HIT
content-length
4374
x-amz-id-2
DwfEG9cGWP7fVKpL5bukSi6TdBD6R1hzZnrPi9uO+WUwJf7T4kd8mP2ixEPU1AX8HcIxUzSGIBY=
x-served-by
cache-hhn-etou8220065-HHN
last-modified
Mon, 13 May 2019 05:20:53 GMT
server
AmazonS3
x-timer
S1678068031.819397,VS0,VE0
etag
"6c2dbbc6f49f94c25fab2d187fc4f1ac"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
19
global-assets-6e69e5919aa23276c4cb8bd69a8b303d6bf0f1ec.js
cdn.getshogun.com/js-2023-02-28/ 		196 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getshogun.com/js-2023-02-28/global-assets-6e69e5919aa23276c4cb8bd69a8b303d6bf0f1ec.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6800:4:56e3:6bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f39e13aa723bb1ab5abfeff013d569f1126297544d7fd5eabf09ea11077e830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:49:31 GMT
content-encoding
gzip
via
1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 21:48:48 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
274260
etag
W/"030339929b5e8c59bf24f282f44bb96f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
thlaOzECo0h0qV5yx0dFpZ84hoQNrUJLkb_hybPK0m-iK0yOCPSjUQ==
add_ons_asset_6401376e43fb4500cdeed044.js
cdn.getshogun.com/js-2023-02-28/ 		824 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getshogun.com/js-2023-02-28/add_ons_asset_6401376e43fb4500cdeed044.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6800:4:56e3:6bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d0f66886b40a055b39471f68999a6e05758c456ee18a5e558b017f079c5a0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 09:03:31 GMT
via
1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 23:55:29 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
233820
etag
"4542b9c707d858c9246fb717dfc54418"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-meta-surrogate-key
page_versions/9ba5e226-86f0-42f7-8801-fcdb2aeea6a3
accept-ranges
bytes
content-length
824
x-amz-cf-id
po66arOq_AK9HrX9KOd35LPG5IgCGy9OaGFVQFrvYWV0PoqZ9K4Wpg==
CardLogos.png
store-52n5lzto02.mybigcommerce.com/content/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-52n5lzto02.mybigcommerce.com/content/img/CardLogos.png
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.200.160.248 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e12d2332bbaaf3f6ec2a9063a859ecae5c98141ddd1ec301191edc309e3098b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
bc-ray
1
content-transfer-encoding
binary
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3709
x-request-id
16b669a10ef3a9837eeabed72a4dd116
last-modified
Tue, 31 Jan 2023 23:21:36 +0000
server
cloudflare
access-control-max-age
604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0RqDNn2DSC8GzkHrgJdXHvtCJu2DBmSgdaZMXCiSo7LvPlpiC62CJSI95G4V0F%2FwOt8Jvj5x5bznE2MEfQbPXBWYPJCGR15kD%2BbEJCn%2BzrfQ%2B0I2sVnziA8CB74gxzUl9iEpGVIfbuwBpOAxbexInQxIwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a37016bad3c997b-FRA
expires
Mon, 06 Mar 2023 02:00:41 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1678068030.dop245.fr8.t,1678068030.cds131.fr8.hn,1678068030.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
all.css
use.fontawesome.com/releases/v5.7.2/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7HT6V51XT4G09NE4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
iGtpAx9cEr3E3f+0zfN/+U+fCald/dEAEVwi2F63IBzJAWsfBpSa69lAf28ke06WBj03+lW/Utg=
last-modified
Wed, 30 Jun 2021 15:45:57 GMT
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ax4%2BTHhSYjc58o587pemQg0LxK23wfTZP%2BduUYz%2B%2FZKhg5%2FRcwkZ1hxcC0A8ZkQsrZHZjx259ISuQx4Tka4tFmmqP4VQJJS29LhSCAWWTBnWjrAv76Xcga%2Bs%2FKbf8eWkOXbNkoGrTmtdKVRr6fYrdZX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7a370169096e9be8-FRA
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Mar 2024 17:36:46 GMT
theme-bundle.main.js
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/dist/ 		289 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/dist/theme-bundle.main.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a1542b79b2df1485c0acffd6aa583db2c0b98fb865ab95b9074e2957bf7b18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:53 GMT
bc-ray
1
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a3701688ee9368a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
d48143ff1a66603c7fde64e1232a3ffa
datatags-a6c27a4dafebddd5845000c8abc99b2096434171.js
cdn11.bigcommerce.com/shared/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/shared/js/datatags-a6c27a4dafebddd5845000c8abc99b2096434171.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fbdbeead1eba4637a43885f564c8ea21ec663613d750a9a46eba20c6187175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-bc-is-ha
1
content-encoding
br
cf-cache-status
HIT
bc-ray
1
age
418281
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
9633ce5536da9d4310e666bb16d0a3fe
last-modified
Thu, 13 May 2021 03:48:09 GMT
server
cloudflare
etag
W/"609ca179-f55"
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7a3701688eee368a-FRA
expires
Thu, 02 Mar 2023 00:30:16 GMT
csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
cdn11.bigcommerce.com/shared/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf04fbb61967a455efa3fbef1f13541174269b8c7d67e75e047dbd23ad341e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-bc-is-ha
1
content-encoding
br
cf-cache-status
HIT
bc-ray
1
age
418329
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
1af45eb559e4f3ee80edb2b804792db4
last-modified
Thu, 13 May 2021 03:48:09 GMT
server
cloudflare
etag
W/"609ca179-706"
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7a3701688eea368a-FRA
expires
Thu, 02 Mar 2023 00:04:33 GMT
visitor_stencil.js
cdn11.bigcommerce.com/r-3f166b0e7d5d1c2c22c7121a1170c83cf19b7c97/javascript/ 		405 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/r-3f166b0e7d5d1c2c22c7121a1170c83cf19b7c97/javascript/visitor_stencil.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039bd6e8e3957d061a22d2987a26998574744e243834dc71affe60922455fa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-bc-is-ha
1
content-encoding
br
cf-cache-status
HIT
bc-ray
1
age
350547
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
8f6989ed51ec5ff39bdb0d0e658bc306
last-modified
Wed, 01 Mar 2023 23:46:23 GMT
server
cloudflare
etag
W/"63ffe3cf-195"
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7a3701688eeb368a-FRA
expires
Thu, 09 Mar 2023 00:35:24 GMT
pixelpop.js
s3.amazonaws.com/pixelpop/usercontent/scripts/f8b55b41-290e-41ff-a570-dd32b8187448/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/pixelpop/usercontent/scripts/f8b55b41-290e-41ff-a570-dd32b8187448/pixelpop.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.53.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
26b7747827148cedbb295d069e04517d8f5ed11ba9a482e43ec1a3cd950e9d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:32 GMT
Content-Encoding
gzip
x-amz-version-id
YjzrF.Dh5F.NcTKGXSjzhL0GRqWlPRvh
Last-Modified
Mon, 30 Jan 2023 19:53:48 GMT
Server
AmazonS3
x-amz-request-id
7HT7ZSMCKRR7AX4S
ETag
"af91eaabdcfc209fde4742822d7e9747"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=5
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
20875
x-amz-id-2
dH9KWfFamoHlbgFby3hwVUKOXsGF2AZvxOLl2mrc5IP8+g2wsxULzMqqQXQNL5KQL+XFew8iGoc=
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 		217 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 08:04:44 GMT
Content-Encoding
br
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified
Fri, 20 Jan 2023 18:27:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
64548
x-amz-server-side-encryption
AES256
ETag
W/"3281ba63652083b7a938a78b62fe19d4"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
BLw3wkGq1J44q6zaNQ61xCwqXjS_Pk5jcbJx4c1gDrQ1-UyOF1YF9A==
analytics-c7af4d4e323cc1137c45f692e81cae05fd2a3986.js
cdn11.bigcommerce.com/shared/js/storefront/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/shared/js/storefront/analytics-c7af4d4e323cc1137c45f692e81cae05fd2a3986.js
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e61410caf6b3210f6ed810a95823222f8a0de62e1ee655da212a5119792bf8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-bc-is-ha
1
content-encoding
br
cf-cache-status
HIT
bc-ray
1
age
418308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
a70ad69dff4256b8d5815b50de3c0919
last-modified
Thu, 13 May 2021 03:48:09 GMT
server
cloudflare
etag
W/"609ca179-21aa3"
access-control-max-age
604800
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7a3701688eef368a-FRA
expires
Thu, 02 Mar 2023 00:30:17 GMT
nobot
bes.gcp.data.bigcommerce.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bes.gcp.data.bigcommerce.com/nobot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.131.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://greenearthmedicinals.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://greenearthmedicinals.com
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 02:00:30 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
4198f9c48babcc11a3ced000158da5ed
nobot
bes.gcp.data.bigcommerce.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bes.gcp.data.bigcommerce.com/nobot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.131.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://greenearthmedicinals.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://greenearthmedicinals.com
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 02:00:30 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
c9d1a02a8e4caba29dd23b15d623783b
nobot
bes.gcp.data.bigcommerce.com/ 		7 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bes.gcp.data.bigcommerce.com/nobot
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.131.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
via
1.1 google
server
Google Frontend
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://greenearthmedicinals.com
x-cloud-trace-context
163df51932cf6c99c3a6df6011c9e9ab
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
nobot
bes.gcp.data.bigcommerce.com/ 		7 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bes.gcp.data.bigcommerce.com/nobot
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.131.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
via
1.1 google
server
Google Frontend
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://greenearthmedicinals.com
x-cloud-trace-context
f7a1ccecac98e4c5f3431fcb40e0efa0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		75 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744840
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.146 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
last-modified
Sun, 18 Dec 2022 11:30:40 GMT
server
AmazonS3
x-amz-request-id
8D3CH7SDW7180ESV
x-amz-cf-pop
EWR52-C1
etag
"f1a4e674158b6b0ef75f5ba312c64b88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
76452
x-amz-id-2
IJNHFrG7Pn0xxTOOMJNT6is3Dbj5p8whPYdJhdkTD7QwovQrVhsi83ntwJjvms14VDl5sk4uEPE=
x-amz-cf-id
lrEJvxTqCmI0PX0HPxWWBKg7wk01Cj-cb_aQOjfMXrMgmWIY5KL9ug==
hex-long2.jpg
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/hex-long2.jpg
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b526a3738ea42d7245d515355a956a2cba08e97a6e8cc2b70e7e23a14ef927
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
bc-ray
1
cf-polished
origFmt=jpeg, origSize=223424
content-disposition
inline; filename="hex-long2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
d56c8a7651e6480a646eef642ad4087f
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Mar 2023 23:31:17 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a3701688ef0368a-FRA
Frutiger.ttf
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/Frutiger.ttf?
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0aa769f0a7ef71179244bc8e5d2c21032625acab31da8956768bb59750b753
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:54 GMT
bc-ray
1
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-font-truetype
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370168dd1f3644-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
f7230766e62b8d27d6c1c269a7ac2da7
/
i.shgcdn.com/7ee87955-e25e-4527-a4eb-2718c4a9f52e/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.shgcdn.com/7ee87955-e25e-4527-a4eb-2718c4a9f52e/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by
Host: cdn.getshogun.com
URL: https://cdn.getshogun.com/css-2023-02-28/6401376e43fb4500cdeed044.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f11 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
64139b0c55d09fae6099df89cff1f6bfa39fb942570ee0753e143878538c893d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.getshogun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
x-image-width
1920
server
Uploadcare
etag
"3524c14d1e77ec70f80e5e0433168a79"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556722
content-disposition
inline
x-image-height
1080
content-length
57728
Frutiger_bold.ttf
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/Frutiger_bold.ttf?
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4cd21474bfbea2d0dda48bfff202243d17ad7b493ecc42b97ca09b32fc1553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:54 GMT
bc-ray
1
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-font-truetype
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370168dd1d3644-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
5d473a4b484671961435a5d48111cc2c
Drugs.ttf
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/Drugs.ttf?
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2b7ad480a5e05e2ee737ac2aac2cfafb255062198b0d5691cee587d9750c63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:55 GMT
bc-ray
1
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-font-truetype
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370168dd1c3644-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
63ddca0251edc2e2059ffbed350c36c6
hex-header-bg3.jpg
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/hex-header-bg3.jpg
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0bf3a4dee07a40558569c9c2a1475b10aa29f6922e37c03f3a1581707c9464
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/css/theme-9cf2a6c0-e39e-013a-36e0-7a2c0a779362.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
bc-ray
1
cf-polished
origFmt=jpeg, origSize=300405
content-disposition
inline; filename="hex-header-bg3.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
3606f0c9476060c96ac4e3e702766ee5
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 Feb 2023 21:11:45 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370168ef1d368a-FRA
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c636c2dc74db09b0b5ee69ed0be8747328ff6f8a05c97bf42cf846cb43bb289

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Frutiger_light.ttf
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/fonts/Frutiger_light.ttf?
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98aa6c6fd3c6b16d415b8658eb172a3c055173613c236a9b0ab975d236fc0c56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 23:23:55 GMT
bc-ray
1
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-font-truetype
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a370168ed2a3644-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
60bd86ca095ea1526ce5e77264fc4ba4
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/storefront/analytics-c7af4d4e323cc1137c45f692e81cae05fd2a3986.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 00:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6341
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Mar 2023 02:14:50 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://greenearthmedicinals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7HTC2J1SECT3939A
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74348
x-amz-id-2
mioFptbeA0HUeD4w33/4jcqaHXKt8tFSX+lMuQAMcsqQFpIAUdOWxSgw48hHJM+DMvgS5FggReQ=
last-modified
Wed, 30 Jun 2021 15:46:18 GMT
server
cloudflare
etag
"462806316fea535a6a57651bc2b000b0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xfc65SUmvEbXHVLjS2WdqflNXJiS2SWkC2e8xibiLRdm%2BwdA0MAkyuSMIm8c6cxc5PR8vW7zkX%2BobEGs69PGFnx%2FM6g0iKqF7vCCt%2FxxYmmuxEWI%2FqHkFKR1bJEDhVyNLTPuDq7KdqC%2FQftfZFoBAuXY"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7a37016bbaba9be8-FRA
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 01:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 Mar 2023 02:25:06 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 01:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 Mar 2023 02:46:43 GMT
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1856520552&t=pageview&_s=1&dl=https%3A%2F%2Fgreenearthmedicinals.com%2F&ul=en-us&de=UTF-8&dt=Green%20Earth%20Med%20-%20Sale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIrAAAAACAAIAB~&jid=1294978324&gjid=1334040535&cid=2110161163.1678068031&tid=UA-106911449-1&_gid=654666101.1678068031&_r=1&gtm=457e3310&z=1738437462
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenearthmedicinals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1856520552&t=pageview&_s=1&dl=https%3A%2F%2Fgreenearthmedicinals.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Green%20Earth%20Med%20-%20Sale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIrAAAAACgCIAB~&jid=1530956553&gjid=2081813044&cid=2110161163.1678068031&tid=UA-106911449-1&_gid=654666101.1678068031&_r=1&_slc=1&z=2136713284
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenearthmedicinals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-106911449-1&cid=2110161163.1678068031&jid=1294978324&gjid=1334040535&_gid=654666101.1678068031&_u=aGDAAUIqAAAAACAAIAB~&z=1659581888
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Mar 2023 02:00:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenearthmedicinals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-106911449-1&cid=2110161163.1678068031&jid=1530956553&gjid=2081813044&_gid=654666101.1678068031&_u=aGDAAUIrAAAAACgCIAB~&z=1437224421
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Mar 2023 02:00:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenearthmedicinals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1073744840
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		302 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/1073744840
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.146 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5338bda66d91c36614b7e6c2224f554ccd357505e9b84a60cbe3ce7ca6fec7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
OZ9ZHplYoCEWoHjtp1gbQF9qU5sc2Kpx
content-encoding
gzip
date
Mon, 06 Mar 2023 02:00:32 GMT
last-modified
Thu, 10 Jun 2021 00:20:30 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
"c5e9d6e217ee2a92b8623bd038df3ed3"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=365
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-cf-id
Qd7t9taNVQ0eG2rMEds9npCN7YrY7UOMs4wmuIwcnnlqJHU6tZC7sg==
content-length
225
instances
app.pixelpop.co/api/client/ 		84 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.pixelpop.co/api/client/instances
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Apache /
Resource Hash
132e009282a8284e09e319ccf258db5a99946932de0ce1ad444f7bf7b3ac47b1

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 06 Mar 2023 02:00:32 GMT
Via
1.1 vegur
Server
Apache
Etag
"ae0debdca95673d046ca77e64d46d26e7c33afe8"
Vary
Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
instances
app.pixelpop.co/api/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.pixelpop.co/api/client/instances
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://greenearthmedicinals.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 02:00:32 GMT
Server
Apache
Via
1.1 vegur
instances
app.pixelpop.co/api/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.pixelpop.co/api/client/instances
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://greenearthmedicinals.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 02:00:32 GMT
Server
Apache
Via
1.1 vegur
form-settings
mc.us16.list-manage.com/subscribe/ 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us16.list-manage.com/subscribe/form-settings?u=445460bb6dcefaf09207a94bb&id=070e1e93a0&u=445460bb6dcefaf09207a94bb&id=070e1e93a0&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.196 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-196.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
54dd87c55f5aea86f1fb107591111852cae0e98cf9e4fbe58fe8c630b5eb5d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
x-edgeconnect-origin-mex-latency
475, 475
date
Mon, 06 Mar 2023 02:00:32 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
0, 10
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=300
content-length
6178
expires
Mon, 06 Mar 2023 02:05:32 GMT
instances
app.pixelpop.co/api/client/ 		84 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.pixelpop.co/api/client/instances
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c884edb70fc56e7fcb2f061ba3c1d7e667e1057cd28acedf88ad18914d54fd2f

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 06 Mar 2023 02:00:32 GMT
Via
1.1 vegur
Server
Apache
Etag
"a3b8e19170eebf4b7decd31ac4c5651a8d36ac35"
Vary
Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
form-settings
mc.us16.list-manage.com/subscribe/ 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us16.list-manage.com/subscribe/form-settings?u=445460bb6dcefaf09207a94bb&id=070e1e93a0&u=445460bb6dcefaf09207a94bb&id=070e1e93a0&c=dojo_request_script_callbacks.dojo_request_script1
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.196 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-196.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
367c31a3a46b43a4dd5b2239fdf21bff1792dbe4cb8dad279ac47837e3578aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
x-edgeconnect-origin-mex-latency
150
date
Mon, 06 Mar 2023 02:00:32 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
10
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=292
content-length
6178
expires
Mon, 06 Mar 2023 02:05:24 GMT
index.php
greenearthmedicinals.com/ 		85 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenearthmedicinals.com/index.php?action=track_visitor&1678068031594
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.200.160.248 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
bc-ray
1
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGij9JFhGUb31yE8knB1htW7BSrGFBEB%2Fr%2FSGymYbaTYQZ8Q%2BTAk2M0Y0hPGsdC3h8flp24q4RkuZSJT2%2BrIuHLN78VUziSeghDulmyfU3CDB8VQDprnyVxfvFvGxtDg5WFhn3md557ICg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7a37016d9a9f163f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
20f8c2455b1a3ea8264aa5eeda800ee3
pageview
analytics.getshogun.com/ 		2 B
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.getshogun.com/pageview
Requested by
Host: analytics.getshogun.com
URL: https://analytics.getshogun.com/collector.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://greenearthmedicinals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220065-HHN
date
Mon, 06 Mar 2023 02:00:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1678068032.628231,VS0,VE0
x-cache
MISS
content-type
application/json
access-control-allow-origin
https://greenearthmedicinals.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
retry-after
0
x-cache-hits
0
form-settings
mc.us16.list-manage.com/subscribe/ 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us16.list-manage.com/subscribe/form-settings?u=445460bb6dcefaf09207a94bb&id=070e1e93a0&u=445460bb6dcefaf09207a94bb&id=070e1e93a0&c=dojo_request_script_callbacks.dojo_request_script2
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.196 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-196.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
b4f114478cd8e6b2c0d5149374a3144891e372bd19cc11f36b54ff9ee11ee51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
x-edgeconnect-origin-mex-latency
485
date
Mon, 06 Mar 2023 02:00:32 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
10
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=300
content-length
6178
expires
Mon, 06 Mar 2023 02:05:32 GMT
icon-sprite.svg
cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/ 		104 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn11.bigcommerce.com/s-52n5lzto02/stencil/46c2bd10-f53b-0138-51fa-0242ac110007/e/c92f9e30-83de-013b-dd3b-326906b9149d/img/icon-sprite.svg
Requested by
Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-b572e5526f6854c73a5e080ef15a771f963740ae.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e23b8a07f8ca75528d2d0ced949ec8fea7ed045350cbcd3465bd73755355b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 24 Feb 2023 12:22:51 GMT
bc-ray
1
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a37016ddfca3644-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
3d95f2f1e29297b5a6f1982abcf40a35
/
i.shgcdn.com/10f76eb2-e321-403c-99d7-4393fc9bdbad/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.shgcdn.com/10f76eb2-e321-403c-99d7-4393fc9bdbad/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f11 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
db3d76607629aa2b5e44c2c52384d9a30722377a83647dd066aea10f16d9efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:31 GMT
x-image-width
600
server
Uploadcare
etag
"e2a39e088710961dc9836b45df70c69c"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31258008
content-disposition
inline
x-image-height
847
content-length
16560
Serving
bs.serving-sys.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073744840&dispType=js&sync=0&sessionid=4005778543343027156&pageurl=$$https%3A%2F%2Fgreenearthmedicinals.com%2F$$&activityValues=$$Session%3D8715632812355086270$$&ns=0&rnd=12015843718775798&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.10.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-10-205.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f91f461dec1d97c65e56aa476614ea4658a5148093a868fc6cfd652aedecf86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:32 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
825
expires
Sun, 05-Jun-2005 22:00:00 GMT
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 03:55:00 GMT
Content-Encoding
br
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
79535
ETag
W/"d3149280c831cbf6538770c71a916f43"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
5jzYHOXI1Ap8P21ryVYfOgBC2zXuh3w6IMfN3K4qCKDRQMbR9yMaog==
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F312 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 10:47:15 GMT
Content-Encoding
gzip
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
63385
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
zAD2i5R6BtAy0tnD-Kdz_H6wqoqAhsRpDlcDQXKlLL6eADEI-dLg6A==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F312 		1005 B
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 03:03:43 GMT
Content-Encoding
gzip
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
82610
ETag
W/"78d1bdd981816cfbeb6954a85f9efa58"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
mVaPPHSID-QHF72zF_gaMYIk3W_Prl37Hz4tCVcAS4bNQyeU-64hFg==
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 24A2 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 10:47:15 GMT
Content-Encoding
gzip
Via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
63385
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
vt088T5L526XsvgaYMbzkDCdTgOTCTL7fhzBLqzfa8JOgs91_UjfWA==
layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 24A2 		1 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 08:44:16 GMT
Content-Encoding
gzip
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
62177
ETag
W/"38f50a83c6d5d15facb231447fa1ac56"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
HUPnbB8DvTaqJfFFUBtX6u5yBSVEJI7IizyUmHdCATk4PpSQLZ34Ow==
modal-slidein.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal-slidein.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
717a079466da86282255203ddb9f6faafb2bf0ca0bb23ecb539463b3f963bde4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 05:59:19 GMT
Content-Encoding
gzip
Via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
72090
ETag
W/"d23d4c0fac6d9f158d23552bbd4592f0"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
_kgF9CTuePM1Gk3joQFIBxzRX75sfqUiMDY8fWF5PPPJdLntdkjNtA==
nsjs
action.media6degrees.com/orbserv/ Frame C2CF
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
5 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Server
2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
7a370178bc323687-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl162328429001212&ns=6130&nc=Green_Earth_Medicinals_Site_Visitor&ncv=33&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin
*
date
Mon, 06 Mar 2023 02:00:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a3701750a5a3687-FRA
content-type
text/html; charset=iso-8859-1
js
pixel.mathtag.com/event/ Frame 8FC8 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1539462&mt_adid=244980&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744840
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x28 config:1.0.0 /
Resource Hash
5e666bf2c6d7a89c749f748d0cda4f168110b7c1eb8d2954b9f39e5b6188e801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:33 GMT
Server
MT3 569 46451a0 master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
4531
Expires
Mon, 06 Mar 2023 02:00:32 GMT
a-04rr.min.js
b-code.liadm.com/ Frame 1E3B 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-04rr.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
27d760947419007155077e13e797fa1f9a8b198355d0bcc98a91e4f2562a7da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:33 GMT
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
nmfhBM9aTbmNMEtADIXmYLE4KDYSZ9ADN4f4y5sz5HaCBOXJuZdkAw==
a138c0e0-9a26-0138-7803-06b4c2516bae
tag.simpli.fi/sifitag/ Frame D336 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/a138c0e0-9a26-0138-7803-06b4c2516bae
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.223.90.34.bc.googleusercontent.com
Software
/
Resource Hash
dd238bcc6981097d1045a17cfd19a2417ee0b5fea3ab159b35a4d767855876d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 06 Mar 2023 02:00:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
F0mx_C20C40GcmAx08hB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
/
p1.zemanta.com/p/9335/9188/ Frame 3587 		26 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.zemanta.com/p/9335/9188/
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-robots-tag
none
cf-ray
7a370174fe1f3619-FRA
content-length
26
content-type
image/gif
iframe
pixel.mathtag.com/sync/ Frame A465 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1539462&mt_adid=244980&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0 /
Resource Hash
cc3581f40fb5f316c1767033ff759995805722cb448c8308d8a7817979137574

Request headers

Referer
https://greenearthmedicinals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2113
Content-Type
text/html
Date
Mon, 06 Mar 2023 02:00:33 GMT
Expires
Mon, 06 Mar 2023 02:00:32 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0
Vary
Accept-Encoding
img
pixel.mathtag.com/comp/ Frame 8FC8 		0
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: greenearthmedicinals.com
URL: https://greenearthmedicinals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x7 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:33 GMT
Server
MT3 569 46451a0 master zrh-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 06 Mar 2023 02:00:32 GMT
j
rp4.liadm.com/ Frame 1E3B
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bundle
  • https://rp4.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bund...
13 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6OQ%3D%3D&n3pc=true
Protocol
H2
Server
18.207.63.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-63-238.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
x-pixel-event-id
febe3125-5573-42da-826f-ae78716eb805
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
7
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
f7265b75154402ee
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 06 Mar 2023 02:00:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1678068033271&aid=a-04rr&se=e30&duid=42400b75feed--01gttac9kv0mtp4psw8febk89b&tna=v2.6.0&pu=https%3A%2F%2Fgreenearthmedicinals.com%2F&ext_ajs_user_id=null&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6OQ%3D%3D&n3pc=true
access-control-allow-origin
https://greenearthmedicinals.com
request-time
0
access-control-allow-credentials
true
trace-id
fc3bbc2700cf2820
content-length
0
x-xss-protection
1; mode=block
img
pixel.mathtag.com/misc/ Frame A465 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:30&mt_cb=650410&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x26 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:33 GMT
Server
MT3 569 46451a0 master zrh-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:32 GMT
img
pixel.mathtag.com/comp/ Frame A465 		0
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x3 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:33 GMT
Server
MT3 569 46451a0 master zrh-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 06 Mar 2023 02:00:32 GMT
p
i.simpli.fi/ Frame D336 		761 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=274627&cb=sifi_att_1702258262185301._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a138c0e0-9a26-0138-7803-06b4c2516bae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.223.90.34.bc.googleusercontent.com
Software
/
Resource Hash
3b19c4f924306fceeda9be85ef1f49c1b4a5bf639cc205057c024389293bd25e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 06 Mar 2023 02:00:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=882890158E674C82A2E651F7FC8AC5C3&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=882890158E674C82A2E651F7FC8AC5C3&dongle=yf3
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=882890158E674C82A2E651F7FC8AC5C3&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
sync
simplifi.partners.tremorhub.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=882890158E674C82A2E651F7FC8AC5C3
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
2600:1f18:612b:4264:93ee:1683:39f:87a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 06 Mar 2023 02:00:34 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame D336
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=882890158E674C82A2E651F7FC8AC5C3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/ Frame D336
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=882890158E674C82A2E651F7FC8AC5C3
  • https://d.agkn.com/pixel/10751/?che=1678068034404&ip=80.255.7.107&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219573204447000089606
  • https://um.simpli.fi/aa_px?sk=219573204447000089606
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame D336
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=882890158E674C82A2E651F7FC8AC5C3
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-15.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
pubmatic
um.simpli.fi/ Frame D336 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 05 Mar 2023 02:00:34 GMT
freewheel
um.simpli.fi/ Frame D336 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 05 Mar 2023 02:00:34 GMT
400646.gif
idsync.rlcdn.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=882890158E674C82A2E651F7FC8AC5C3;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=882890158E674C82A2E651F7FC8AC5C3;mimetype=img;sr
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5430760717542210535
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/400646.gif?partner_uid=-5430760717542210535
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://idsync.rlcdn.com/400646.gif?partner_uid=-5430760717542210535
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/ Frame D336
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0&xl8blockcheck=1
Protocol
H2
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=882890158E674C82A2E651F7FC8AC5C3&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ Frame D336 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 05 Mar 2023 02:00:34 GMT
sync
sync.bfmio.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=882890158E674C82A2E651F7FC8AC5C3
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=882890158E674C82A2E651F7FC8AC5C3
Protocol
HTTP/1.1
Server
34.230.110.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-110-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 06 Mar 2023 02:00:34 GMT

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
29931
stags.bluekai.com/site/ Frame D336
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=882890158E674C82A2E651F7FC8AC5C3
62 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
23.203.125.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-189.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 06 Mar 2023 02:00:34 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
tpid=882890158E674C82A2E651F7FC8AC5C3
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame D336
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=882890158E674C82A2E651F7FC8AC5C3
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
52.214.84.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-84-249.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.228
content-length
49
expires
0

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
merge
ce.lijit.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=882890158E674C82A2E651F7FC8AC5C3
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=882890158E674C82A2E651F7FC8AC5C3
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:34 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
419566.gif
idsync.rlcdn.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=882890158E674C82A2E651F7FC8AC5C3
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
/
www.google.de/pagead/1p-conversion/1026675585/ Frame D336
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1678068033772&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QkkFZIeeC_Hox_APvoGV2As&cid=CAQSKQDUE5ymMAqu4GJXLDZeQAY8CbR_t0SphQNzBNQT76u6gtfVOjHbW-j4&random=2509033709&ipr=y&prhg=0
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1035881767&cv=7&fst=1678068033772&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QkkFZIeeC_Hox_APvoGV2As&cid=CAQSKQDUE5ymMAqu4GJXLDZeQAY8CbR_t0SphQNzBNQT76u6gtfVOjHbW-j4&random=2509033709&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3&__user_check__=1&sync_id=ae854b21-bbc2-11ed-b35d-1a7cb9e30506
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3&__user_check__=1&sync_id=ae854b21-bbc2-11ed-b35d-1a7cb9e30506
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
122
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 06 Mar 2023 02:00:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7797&uid=882890158E674C82A2E651F7FC8AC5C3&__user_check__=1&sync_id=ae854b21-bbc2-11ed-b35d-1a7cb9e30506
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
22
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=882890158E674C82A2E651F7FC8AC5C3
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D882890158E674C82A2E651F7FC8AC5C3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D882890158E674C82A2E651F7FC8AC5C3
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:34 GMT
AN-X-Request-Uuid
f1f58bc0-5925-4de3-9aa2-d2c6a9235a5f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.107; 80.255.7.107; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:34 GMT
AN-X-Request-Uuid
1eb4c18d-7dcf-4881-a9dc-e051ba74ba91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D882890158E674C82A2E651F7FC8AC5C3
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.107; 80.255.7.107; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D336
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=882890158E674C82A2E651F7FC8AC5C3&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=882890158E674C82A2E651F7FC8AC5C3&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=882890158E674C82A2E651F7FC8AC5C3&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
sd
us-u.openx.net/w/1.0/ Frame D336
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=882890158E674C82A2E651F7FC8AC5C3
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=882890158E674C82A2E651F7FC8AC5C3
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=882890158E674C82A2E651F7FC8AC5C3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 02:00:34 GMT
g_match
um.simpli.fi/ Frame D336
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEG-nt2gTTKoVcxsKLAK7kw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=882890158E674C82A2E651F7FC8AC5C3
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 05 Mar 2023 02:00:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A465 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=668d6405-4942-4b00-89e9-0cf233f929dd&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A465
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJNvexo9sATiNWB60T2mvZM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 06 Mar 2023 02:00:34 GMT
Server
MT3 569 46451a0 master cdg-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Zo1kBUlCSwCJ6QzyM_kp3Q
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 06 Mar 2023 02:00:33 GMT
img
sync.mathtag.com/sync/ Frame A465
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID
  • https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=1789764931393696120
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=1789764931393696120
Protocol
HTTP/1.1
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 569 46451a0 master cdg-pixel-x12 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
MT3 569 46451a0 master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:35 GMT

Redirect headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.107; 80.255.7.107; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
24f380ea-4431-41e0-845e-17701f00a4f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=1789764931393696120
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A465 		42 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA=&piggybackCookie=uid:668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 02:00:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame A465 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ad.360yield.com/ul_cb/ Frame A465
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H2
Server
52.58.252.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 02:00:36 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
date
Mon, 06 Mar 2023 02:00:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rum
dsum-sec.casalemedia.com/ Frame A465
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=3&external_user_id=668d6405-4942-4b00-89e9-0cf233f929dd&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
ups.analytics.yahoo.com/ups/55938/ Frame A465
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1&verify=true
Protocol
H2
Server
3.126.56.137 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55938/sync?uid=668d6405-4942-4b00-89e9-0cf233f929dd&_origin=1&verify=true
date
Mon, 06 Mar 2023 02:00:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4448
stags.bluekai.com/site/ Frame A465 		62 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/4448?id=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-189.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 06 Mar 2023 02:00:36 GMT
content-length
62
content-type
image/gif
pixel
cm.adform.net/ Frame A465
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=668d6405-4942-4b00-89e9-0cf233f929dd&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=668d6405-4942-4b00-89e9-0cf233f929dd&expires=30
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=bad8c8ff-8f24-4d3a-b4d3-9b54bfe687d3&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=bad8c8ff-8f24-4d3a-b4d3-9b54bfe687d3&adform_v=1
Protocol
H2
Server
37.157.6.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:37 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=bad8c8ff-8f24-4d3a-b4d3-9b54bfe687d3&adform_v=1
date
Mon, 06 Mar 2023 02:00:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
img
pixel.mathtag.com/misc/ Frame A465 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=10:30&mt_cb=404827&mop_top=9:1678067885|4:1678067885|13:1678067885|3:1678067885|5:1678067885|276:1678067885|15:1678067885|21:1678067885|10010:1678067885|46:1678067885|
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x13 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
MT3 569 46451a0 master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:35 GMT
361087.gif
idsync.rlcdn.com/ Frame A465 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/361087.gif?partner_uid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
img
pixel.mathtag.com/sync/ Frame A465
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm
  • https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEFA0YnMXBsNCKaGhWXNWW0A&google_cver=1
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEFA0YnMXBsNCKaGhWXNWW0A&google_cver=1
Protocol
HTTP/1.1
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x12 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
MT3 569 46451a0 master zrh-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEFA0YnMXBsNCKaGhWXNWW0A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame A465 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
us.gif
sync.go.sonobi.com/ Frame A465 		49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-41
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame A465 		43 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=668d6405-4942-4b00-89e9-0cf233f929dd&redirectId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:37 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1678068036893021-393
Expires
Mon, 06 Mar 2023 02:00:37 GMT
merge
ce.lijit.com/ Frame A465 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:36 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"
/
rtb-csync.smartadserver.com/redir/ Frame A465 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=25&partneruserid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
transfer-encoding
chunked
content-type
image/gif
4354957
se.semasio.net/sync/1/ Frame A465
Redirect Chain
  • https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external
  • https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=668d6405-4942-4b00-89e9-0cf233f929dd&sInitiator=external&gdpr=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=
  • https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3949113043085031765&sInitiator=internal&gdpr=
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=3949113043085031765&gdpr=&sInitiator=internal
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=1789764931393696120&sInitiator=internal&gdpr=
0
0
partner
sync.search.spotxchange.com/ Frame A465 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
43
mw
mwzeom.zeotap.com/ Frame A465 		95 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=668d6405-4942-4b00-89e9-0cf233f929dd&env=mWeb&zpartnerid=979&zdid=979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://pixel.mathtag.com
access-control-allow-credentials
true
cf-ray
7a37018eb869bbe5-FRA
access-control-allow-headers
*
content-length
95
img
pixel.mathtag.com/misc/ Frame A465 		43 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=20:30&mt_cb=153546&mop_top=9:1678067885|4:1678067885|13:1678067885|3:1678067885|5:1678067885|276:1678067885|15:1678067885|21:1678067885|10010:1678067885|46:1678067885|10017:1678067885|10074:1678067885|10072:1678067885|42:1678067885|44:1678067885|17:1678067885|39:1678067885|10041:1678067885|30:1678067885|10092:1678067885|
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
MT3 569 46451a0 master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:35 GMT
/
loadm.exelator.com/load/ Frame A465 		0
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=101&buid=668d6405-4942-4b00-89e9-0cf233f929dd&j=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
tpui
ih.adscale.de/adscale-ih/ Frame A465
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd&nut&uu=7da7c155a1844c5297f7e4763b0948ef
49 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd&nut&uu=7da7c155a1844c5297f7e4763b0948ef
Protocol
H2
Server
3.125.140.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Mon, 06 Mar 2023 02:00:37 GMT
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=668d6405-4942-4b00-89e9-0cf233f929dd&nut&uu=7da7c155a1844c5297f7e4763b0948ef
date
Mon, 06 Mar 2023 02:00:37 GMT
content-length
0
sync
ad.sxp.smartclip.net/ Frame A465
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd&ang_testid=1
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd&ang_testid=1
Protocol
H2
Server
35.186.194.101 -, , ASN (),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:37 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 06 Mar 2023 02:00:37 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=668d6405-4942-4b00-89e9-0cf233f929dd&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync
su.addthis.com/red/ Frame A465 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://su.addthis.com/red/usync?pid=11112&puid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:37 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
usermatch.gif
beacon.krxd.net/ Frame A465
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=mediamath
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
Protocol
H2
Server
54.73.101.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
beacon-n010-dub-prod.krxd.net
date
Mon, 06 Mar 2023 02:00:37 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1678068037
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
date
Mon, 06 Mar 2023 02:00:37 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
37464
i6.liadm.com/s/ Frame A465
Redirect Chain
  • https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:603b:acd7:290f:c7dd -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:38 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=668d6405-4942-4b00-89e9-0cf233f929dd
Date
Mon, 06 Mar 2023 02:00:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
7
qmap
sync.crwdcntrl.net/ Frame A465
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd&ct=y
Protocol
H2
Server
52.214.84.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-84-249.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.103
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 02:00:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=668d6405-4942-4b00-89e9-0cf233f929dd&ct=y
cache-control
no-cache
x-server
10.45.29.11
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame A465
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Server
52.49.158.101 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-03a127b6a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qQ0c9cY1QeM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-07254eae8.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
nQn7x/LGROA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=668d6405-4942-4b00-89e9-0cf233f929dd
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
pixel.mathtag.com/sync/img/ Frame A465
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=668d6405-4942-4b00-89e9-0cf233f929dd
  • https://d.agkn.com/pixel/10751/?che=1678068036453&ip=80.255.7.107&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D219573204447000089606
  • https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=219573204447000089606
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=219573204447000089606
Protocol
HTTP/1.1
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:36 GMT
Server
MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:35 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 02:00:36 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=219573204447000089606
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
9.gif
id5-sync.com/s/3/ Frame A465 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/3/9.gif?puid=668d6405-4942-4b00-89e9-0cf233f929dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 06 Mar 2023 02:00:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
img
pixel.mathtag.com/misc/ Frame A465 		43 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=30:30&mt_cb=811885&check=668d6405-4942-4b00-89e9-0cf233f929dd&mop_top=9:1678067885|4:1678067885|13:1678067885|3:1678067885|5:1678067885|276:1678067885|15:1678067885|21:1678067885|10010:1678067885|46:1678067885|10017:1678067885|10074:1678067885|10072:1678067885|42:1678067885|44:1678067885|17:1678067885|39:1678067885|10041:1678067885|30:1678067885|10092:1678067885|10008:1678067885|26:1678067885|50:1678067885|10025:1678067885|10031:1678067885|36:1678067885|10040:1678067885|10004:1678067885|10009:1678067885|10089:1678067885|
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x8 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=668d6405-4942-4b00-89e9-0cf233f929dd&no_iframe=1&mt_adid=244980&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 02:00:37 GMT
Server
MT3 569 46451a0 master zrh-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 02:00:36 GMT
3822cf63-78d7-49e5-9f85-652c9229b091.jpg
mcusercontent.com/445460bb6dcefaf09207a94bb/_compresseds/ Frame 24A2 		122 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcusercontent.com/445460bb6dcefaf09207a94bb/_compresseds/3822cf63-78d7-49e5-9f85-652c9229b091.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://greenearthmedicinals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:00:38 GMT
x-guploader-uploadid
ADPycdtCh82pPBqeqeMln5Vp6XEhmHfb2nuKgW6c3bM5iKQpC73E5YIJFD7ANRZoLvbiZkIJOaTEMV1iBpCofN519OO0kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6686337
last-modified
Mon, 11 May 2020 21:30:47 GMT
server
UploadServer
etag
"e24a6224f1335b3ad187fcbb7fad5cb8"
x-goog-generation
1589232647232588
content-type
image/jpeg
x-goog-hash
crc32c=nnCdIw==, md5=4kpiJPEzWzrRh/y7f61cuA==
cache-control
public, max-age=3600
x-goog-stored-content-length
6686337
accept-ranges
bytes
expires
Mon, 06 Mar 2023 03:00:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
se.semasio.net
URL
https://se.semasio.net/sync/1/4354957?sExtCookieId=1789764931393696120&sInitiator=internal&gdpr=

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless function| gtag object| dataLayer object| lazySizesConfig object| analytics string| _analytics_js_global_name object| BCData object| versaTagObj function| setICSCookies object| SHOGUN_BOX object| SHOGUN_IMAGE_ELEMENTS string| GoogleAnalyticsObject function| ga function| normalize object| lazySizes object| google_tag_manager function| $ function| jQuery object| google_tag_data object| divs object| timeout string| __webpack_public_path__ object| webpackJsonp object| __core-js_shared__ object| core object| stencilUtils object| Foundation function| stencilBootstrap function| ready undefined| gfp_aff_toolbar object| goaffpro_identifiers object| source_identifiers object| gfp_additional boolean| isFirstTouch boolean| gfp_setOrganic boolean| useLocalStorage string| gfp_discount_code_cookie object| gfp_no_ref_cookies string| gfp_api_server object| gfp_cookieManager function| gfpGetCookie function| gfpDeleteCookie function| gfpSetCookie function| getRefCode function| regexSearch function| getSourceId function| searchInQuery function| getShop function| trackVisit function| checkoutPageCallback function| goaffproTrackConversion function| goaffproTrackConversionSync boolean| gfpCallbackMade function| doCallback function| gfp_remove_cookies undefined| refcode function| testForExpiration function| gfpSetSource function| addRefToCart function| removeRefFromCart function| gfpLoadScript function| showSiteStripeToolbar function| gfpConnectCustomer function| goaffproShopifyStVariableFix object| __goaffpro object| gaplugins object| gaGlobal object| gaData object| ajax object| instance object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| ppJsonp object| _pxu function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm object| $mcSite object| shogunLazySizes function| SHGJQ object| SHOGUN_POLYFILLS object| SHOGUN_BROWSER function| __shgLightbox boolean| SHOGUN_LOADED function| SHGMoney function| jarallax function| VideoWorker function| __shgElementReady function| __shgDefaultVariantDropdown function| __shgSeparateVariantDropdownAllEnabled function| __shgSeparateVariantDropdowns function| __shgUpdateSeparateSelectDropdown object| __shgProductComponent function| __shgProductsInit function| __shogunBoxesOnLoad object| ANALYTICS_FUNCTIONS function| initDataTags object| shogunAnalytics object| parts undefined| oneTagObj function| ebDecode object| bsResponseObj

47 Cookies

Domain/Path Name / Value
greenearthmedicinals.com/ Name: fornax_anonymousId
Value: 51a37693-e645-4e8c-b1ab-61a8ad6336b3
greenearthmedicinals.com/ Name: athena_short_visit_id
Value: 30b43a6b-daf8-46b7-8bc0-ece08bb4edb0:1678068029
greenearthmedicinals.com/ Name: XSRF-TOKEN
Value: 4fe5f3f4ebc9cbe205866a20cd068bba421ba7a3d78a31e94c448872193608bf
greenearthmedicinals.com/ Name: SHOP_SESSION_TOKEN
Value: 5e6e370f-cd5d-4279-947f-8e608d7553da
.greenearthmedicinals.com/ Name: ajs_user_id
Value: null
.greenearthmedicinals.com/ Name: ajs_group_id
Value: null
.greenearthmedicinals.com/ Name: ajs_anonymous_id
Value: %225afdd6ec-1477-47b7-b993-b39f602f534c%22
greenearthmedicinals.com/ Name: _shg_session_id
Value: 3138d591-4dfa-47be-82b8-c3b20b390409
greenearthmedicinals.com/ Name: _shg_user_id
Value: a4b78ef8-2a6e-40d5-bff3-e2f417a25d77
.greenearthmedicinals.com/ Name: _ga
Value: GA1.2.2110161163.1678068031
.greenearthmedicinals.com/ Name: _gid
Value: GA1.2.654666101.1678068031
.greenearthmedicinals.com/ Name: _gat_gtag_UA_106911449_1
Value: 1
.greenearthmedicinals.com/ Name: _gat
Value: 1
greenearthmedicinals.com/ Name: Shopper-Pref
Value: C427827862DE1CFF7D2BED26E654E1E8902F034D-1678672831789-x%7B%22cur%22%3A%22USD%22%7D
greenearthmedicinals.com/ Name: STORE_VISITOR
Value: 1
bs.serving-sys.com/ Name: OT_1073744840
Value: 1
.serving-sys.com/ Name: G4
Value: 1waFg+00KG_
.serving-sys.com/ Name: OT2
Value: 1000L81scy
.serving-sys.com/ Name: u2
Value: 31872fea-2115-4c62-9188-68cd79fec5e24Lu060
.simpli.fi/ Name: suid
Value: 882890158E674C82A2E651F7FC8AC5C3
.list-manage.com/ Name: _abck
Value: F6DA21337115DEABFBF4CB8267F33D62~-1~YAAQNVtgaDYMerOGAQAASSWmtAlGIJMi5UuW53O+578JrRHkHb8wS5kNeezw6lwNPCVlalSyQeqbUxjXHFGBKjsGDY9NYwV6vSe+6I0n+NPhRC4nlF5WTMf0VKc5Kczf+EO3h9snxOsFYNFpFx1Lg2xSYmXd/v7HYtgdIbiHhYeBVTOVZGslzBghytpK0f8YcapS5Sd56XR+Q58pVi0ZGcsbyKJGLiK8a51G5rqbgABWF+61vH8oOjx5CfmX/5l2QPtvN5/U94ZjPUJIQdRtrnRXMR0re10Ih6OoUW50nuujJ2VdHTgjC44YBobMMXP7vEANYmeT0IHL/rceRVfQOrVMrvi852R8FJY9VwDB37BT9gk6OBpGWbGZE9lfNU73IA==~-1~-1~-1
.us16.list-manage.com/ Name: ak_bmsc
Value: DD2BAAC15AA0E46C60B51FCF1169B2AC~000000000000000000000000000000~YAAQNVtgaDcMerOGAQAASSWmtBNQ6MwjUM8l33L/TIwiZTMtKabl9FnpMfOLyNpWDv69itfctUYC74i/cesBCWEf6JeGJnYZUXUm6ILwJPr8ObG2ijpmZEVvF8DkzYuOe/ZOk3FmIp1+c2vRVmKkv9v8oPVxO4DPJBRt0+gKKwIS9OOBjBrIt5+YfOARdMx2AosC/Xg/lJzwkeRZOB9urq3qbYZwhlGuv5mLSWWEQL4tHoA4TIWsXgo/0cHGD8GihkntrVkeuBiocBldmL2/sISVz9pTKwOb3hJ8iHyqLfwOYeTg4vMSC1TgMEki6ah551cYWfDWq/DWc8Ee7kW5kd8eASivTIz7HMVReEGccONxUYZpbYr/PjVpK8phrxVMiDw2YNn+Jl5ldLWoDti+GZbM
.list-manage.com/ Name: bm_sz
Value: 14A808B865B3220E75D939E9F2B2BBB5~YAAQNVtgaDgMerOGAQAASSWmtBM/EKqJc64QKA5oE9NC3ZF4sw8GMprqlLZvfP499Dhcg6tjqtOAq3TfEdJsHdC07wihvBv7OQKpKt/b6zLe4siC7JIXCWW5tKeOYRPQELMPdRnX0TP37E5XvPanJvhm0VFOdQpoGW4BSxLhdn32aOXAP7Xtt/YuHNgvggdN62RTSdrMZ+HjlGXVFs6HJInf8boOfVWNZvA7cgojnJteEPf0qAd//WI9XPjzEF2tL8Zn73AS28gTH1ChDuun+uQu8OSiRBTwsedZET1g629cEVlSyD6sYw==~3356227~3356227
.greenearthmedicinals.com/ Name: _li_dcdm_c
Value: .greenearthmedicinals.com
.greenearthmedicinals.com/ Name: _lc2_fpi
Value: 42400b75feed--01gttac9kv0mtp4psw8febk89b
.mathtag.com/ Name: uuid
Value: 668d6405-4942-4b00-89e9-0cf233f929dd
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.simpli.fi/ Name: uid_syncd_secure
Value: true
.liadm.com/ Name: lidid
Value: 1371f6d4-9cba-4304-8d72-cddf8f4ae756
.tapad.com/ Name: TapAd_TS
Value: 1678068034336
.tapad.com/ Name: TapAd_DID
Value: acfb8bf7-6fff-4e00-96a1-6b72126eb7ba
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adnxs.com/ Name: uuid2
Value: 1789764931393696120
.agkn.com/ Name: ab
Value: 0001%3Aw%2BFC9Qf9YK%2FEZHIprwTh0IwclVAhOaDT
.pro-market.net/ Name: anProfile
Value: "-159dg07qq4mav+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0133800920000000000000009+s2=(rr2tky)+vm=24-882890158E674C82A2E651F7FC8AC5C3"
.pro-market.net/ Name: anHistory
Value: "-159dg07qq4mav+2+!#7%/!e!.od"
.spotxchange.com/ Name: audience
Value: ae854ab6-bbc2-11ed-b35d-1a7cb9e30506
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Hb8JScG8!@wnfH8KW.dG5<#Z0rdCE:=4`FTUPDEtCYIDL?.dG4d8IF*#jynXT.GGg3SAifWK>(j#iP(Md+>)fy)WHaM%m
.doubleclick.net/ Name: IDE
Value: AHWqTUn1pcr_maL731LY3Scd0eNNXID68VYYL7LtV-Wim3Zn-0Ca4WWYMIkk8FcO
.bluekai.com/ Name: bku
Value: blx99WJJOVxf7FQG
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEQT1MQ81eWNmWDtBpHemeJO1ADtBEasB6jemWaeBD1p9y9kExrS
.exelator.com/ Name: EE
Value: "391547115bef5a022f5782b42d4ac2da"
.mathtag.com/ Name: mt_mop
Value: 4:1678068034
.agkn.com/ Name: u
Value: C|0AAAAAAAAK5gFwgAAAAAA
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHY0tDUxNzQ0DQpNc000cDIKM3U3MIoycQoxSQx2SglcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6IhfXxUUpaQyLSopPBR%252BOCgYAgl4pwQ%253D%253D"
.bfmio.com/ Name: __141_cid
Value: 882890158E674C82A2E651F7FC8AC5C3
.bfmio.com/ Name: __io_cid
Value: 9d7ab4a9b344b20de115814b469048c6ad4bc20e

5 Console Messages

Source Level URL
Text
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=882890158E674C82A2E651F7FC8AC5C3
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=882890158E674C82A2E651F7FC8AC5C3
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=882890158E674C82A2E651F7FC8AC5C3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-5430760717542210535
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/361087.gif?partner_uid=668d6405-4942-4b00-89e9-0cf233f929dd
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
action.dstillery.com
action.media6degrees.com
ad.360yield.com
ad.sxp.smartclip.net
ads.stickyadstv.com
ajax.googleapis.com
analytics.getshogun.com
api.goaffpro.com
app.pixelpop.co
b-code.liadm.com
bcp.crwdcntrl.net
beacon.krxd.net
bes.gcp.data.bigcommerce.com
bs.serving-sys.com
cdn.getshogun.com
cdn11.bigcommerce.com
ce.lijit.com
chimpstatic.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
d.agkn.com
downloads.mailchimp.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fei.pro-market.net
fonts.googleapis.com
googleads.g.doubleclick.net
greenearthmedicinals.com
i.liadm.com
i.shgcdn.com
i.simpli.fi
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
lib.getshogun.com
loadm.exelator.com
mc.us16.list-manage.com
mcusercontent.com
mwzeom.zeotap.com
p1.zemanta.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s3.amazonaws.com
se.semasio.net
secure-ds.serving-sys.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
store-52n5lzto02.mybigcommerce.com
su.addthis.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.sezzle.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
se.semasio.net
104.96.147.196
104.96.160.100
13.224.189.60
13.225.78.15
13.248.245.213
142.250.180.226
142.250.186.98
151.101.194.133
162.19.138.116
18.185.10.205
18.198.137.63
18.198.69.109
18.207.63.238
185.29.134.244
185.64.190.80
185.80.39.216
185.86.138.150
185.89.210.212
185.94.180.125
192.200.160.248
2.18.79.136
2.18.79.146
2001:4de0:ac18::1:a:3a
216.52.2.16
23.203.125.189
23.62.220.135
2600:1901:0:8eee::
2600:1f18:612b:4264:93ee:1683:39f:87a
2600:1f18:730:b140:318:4480:a19a:ad9
2600:1f18:ed:550a:603b:acd7:290f:c7dd
2600:9000:20eb:7400:8:8845:1500:93a1
2600:9000:20eb:ea00:f:5e39:d380:93a1
2600:9000:2190:6800:4:56e3:6bc0:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:62d
2606:4700::6812:17ea
2606:4700:e2::ac40:840f
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c0a::9a
2a00:1450:400d:804::2002
2a00:1450:400d:80e::200a
2a02:26f0:f700:4::212:4f11
2a06:98c1:3120::c
3.125.140.71
3.126.56.137
3.232.242.170
3.81.190.229
34.111.113.62
34.111.131.117
34.230.110.36
34.90.223.176
34.96.122.219
35.156.231.131
35.171.218.28
35.186.194.101
35.204.74.118
35.244.159.8
35.244.174.68
37.157.6.254
52.214.84.249
52.216.53.168
52.31.108.116
52.49.158.101
52.58.252.202
54.73.101.116
63.141.128.3
69.166.1.12
69.173.144.165
92.123.37.164
039bd6e8e3957d061a22d2987a26998574744e243834dc71affe60922455fa21
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0bf3a4dee07a40558569c9c2a1475b10aa29f6922e37c03f3a1581707c9464
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7c448404d08a3d3f4cf7d31b2e57ceb37459d57c32b1e5e2b76d565dd36bfe
132e009282a8284e09e319ccf258db5a99946932de0ce1ad444f7bf7b3ac47b1
1cd23aeb2649d1166c5738555ad8ca8c6a4e108eaf320bd211ba685804228500
21250a667424e723560718394e1f0adc0b69a2787419009d7f94639d68322c27
26b7747827148cedbb295d069e04517d8f5ed11ba9a482e43ec1a3cd950e9d68
27d760947419007155077e13e797fa1f9a8b198355d0bcc98a91e4f2562a7da4
2f0aa769f0a7ef71179244bc8e5d2c21032625acab31da8956768bb59750b753
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
367c31a3a46b43a4dd5b2239fdf21bff1792dbe4cb8dad279ac47837e3578aed
3b19c4f924306fceeda9be85ef1f49c1b4a5bf639cc205057c024389293bd25e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d2b7ad480a5e05e2ee737ac2aac2cfafb255062198b0d5691cee587d9750c63
3e12d2332bbaaf3f6ec2a9063a859ecae5c98141ddd1ec301191edc309e3098b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e61410caf6b3210f6ed810a95823222f8a0de62e1ee655da212a5119792bf8c
4f39e13aa723bb1ab5abfeff013d569f1126297544d7fd5eabf09ea11077e830
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dd87c55f5aea86f1fb107591111852cae0e98cf9e4fbe58fe8c630b5eb5d1e
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59a1542b79b2df1485c0acffd6aa583db2c0b98fb865ab95b9074e2957bf7b18
5c636c2dc74db09b0b5ee69ed0be8747328ff6f8a05c97bf42cf846cb43bb289
5e666bf2c6d7a89c749f748d0cda4f168110b7c1eb8d2954b9f39e5b6188e801
64139b0c55d09fae6099df89cff1f6bfa39fb942570ee0753e143878538c893d
676f3bf5e41aabc7485b081a018ec5342dac2d6aafdbeea9c04921098083c4a0
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4cd21474bfbea2d0dda48bfff202243d17ad7b493ecc42b97ca09b32fc1553
6d0f66886b40a055b39471f68999a6e05758c456ee18a5e558b017f079c5a0c6
717a079466da86282255203ddb9f6faafb2bf0ca0bb23ecb539463b3f963bde4
717fed325fecdf50def340e5d0fb2c8a8659166a8ac9404056ad429d78c73a02
742e570f2ed156b1750dd1f9abae5c9e239468e6bd3723aedd1a150c037f97d3
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7f91f461dec1d97c65e56aa476614ea4658a5148093a868fc6cfd652aedecf86
87fbdbeead1eba4637a43885f564c8ea21ec663613d750a9a46eba20c6187175
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98aa6c6fd3c6b16d415b8658eb172a3c055173613c236a9b0ab975d236fc0c56
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9f08917a9ed0a8979b59c7f20580f79abfe5c86aa8ae6507dc0fcc6429c88a8c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
abb95f19dbed073e985d7fa2dc8d66d61d7fd5dc5ac073d25a654661d0ccc709
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f114478cd8e6b2c0d5149374a3144891e372bd19cc11f36b54ff9ee11ee51e
b5e23b8a07f8ca75528d2d0ced949ec8fea7ed045350cbcd3465bd73755355b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c884edb70fc56e7fcb2f061ba3c1d7e667e1057cd28acedf88ad18914d54fd2f
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
c9b526a3738ea42d7245d515355a956a2cba08e97a6e8cc2b70e7e23a14ef927
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc3581f40fb5f316c1767033ff759995805722cb448c8308d8a7817979137574
cec8a00815b83465a93afd7fa10e11b489d8db485fb3ea2cd86c3038cf9975a6
cf04fbb61967a455efa3fbef1f13541174269b8c7d67e75e047dbd23ad341e2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
db3d76607629aa2b5e44c2c52384d9a30722377a83647dd066aea10f16d9efe4
dbbec42909b8362c43bc9e81c1475cdd3a280e7fa2df8c7a5d08d83f4f989e79
dcf25d89aca1c61564e5eb9cd5b58f8fa2de9d1b799369f65ec5377ce021d9ad
dd238bcc6981097d1045a17cfd19a2417ee0b5fea3ab159b35a4d767855876d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3
ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f27cbb938e4953803fa9d0e8687e0cb6cf504e2f16be76fefac138ecc35fb37f
f5338bda66d91c36614b7e6c2224f554ccd357505e9b84a60cbe3ce7ca6fec7a