capitaloneshopping.com Open in urlscan Pro
172.64.145.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://capitaloneshopping.com/onboarding/base
Submission: On May 23 via manual (May 23rd 2024, 2:14:44 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 57 HTTP transactions. The main IP is 172.64.145.19, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is capitaloneshopping.com. The Cisco Umbrella rank of the primary domain is 3200.
TLS certificate: Issued by DigiCert EV RSA CA G2 on August 22nd 2023. Valid for: a year.

This is the only time capitaloneshopping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	172.64.145.19 172.64.145.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.218.24 13.33.218.24	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
3	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
57	14

26 172.64.145.19 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

capitaloneshopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.capitaloneshopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.capitaloneshopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.218.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-218-24.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.132 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	capitaloneshopping.com capitaloneshopping.com — Cisco Umbrella Rank: 3200 cdn.capitaloneshopping.com — Cisco Umbrella Rank: 168909 track.capitaloneshopping.com — Cisco Umbrella Rank: 3394	542 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 345	31 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7810	191 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	297 B
3	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	306 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	77 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	262 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	3 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1570	577 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 681	7 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1427	48 KB
57	12

	Domain	Requested by
19	capitaloneshopping.com	capitaloneshopping.com
6	www.facebook.com	capitaloneshopping.com
6	bat.bing.com	capitaloneshopping.com bat.bing.com
4	track.capitaloneshopping.com	capitaloneshopping.com
3	www.google.de	capitaloneshopping.com
3	connect.facebook.net	cdn.capitaloneshopping.com connect.facebook.net
3	www.googletagmanager.com	capitaloneshopping.com www.googletagmanager.com
3	cdn.capitaloneshopping.com	capitaloneshopping.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	www.googletagmanager.com
2	sp.analytics.yahoo.com	capitaloneshopping.com
2	s.yimg.com	capitaloneshopping.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.datadoghq-browser-agent.com	capitaloneshopping.com
57	16

This site contains no links.

Subject Issuer	Validity	Valid
capitaloneshopping.com DigiCert EV RSA CA G2	`2023-08-22` - `2024-09-10`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-05-09` - `2024-06-26`	2 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-01` - `2024-05-30`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
*.googleadservices.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://capitaloneshopping.com/onboarding/base
Frame ID: 8C9B224BEB47505C47B5EFC6573C63D5
Requests: 57 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D35AEBD94D57C12868C2EF940D66E05C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Onboarding

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

57
Requests

95 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

14
IPs

5
Countries

975 kB
Transfer

2812 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMInsCH6NmihgMVTIiDBx3GRw5gMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs HTTP 302
https://www.google.com/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMInsCH6NmihgMVTIiDBx3GRw5gMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL0Iril1swm5pWp-ebqTCu_AA66-96KA&random=1239830513 HTTP 302
https://www.google.de/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMInsCH6NmihgMVTIiDBx3GRw5gMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL0Iril1swm5pWp-ebqTCu_AA66-96KA&random=1239830513&ipr=y

Request Chain 50

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIy_-U6NmihgMV3KGDBx2XQgS_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs HTTP 302
https://www.google.com/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIy_-U6NmihgMV3KGDBx2XQgS_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL95pMqAVHkh6f2wGqCoiNDX07zvgwdg&random=2772265056 HTTP 302
https://www.google.de/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIy_-U6NmihgMV3KGDBx2XQgS_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL95pMqAVHkh6f2wGqCoiNDX07zvgwdg&random=2772265056&ipr=y

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request base Show response
capitaloneshopping.com/onboarding/ 10 KB
4 KB 60ms
25ms Document
text/html 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb4eb49b2eb3dd08230d12b6371af88361434b537de17bdd6907c051a20cf21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: content-type, x-wb-session, x-wb-extension
access-control-allow-methods: GET
access-control-allow-origin: *
age: 1059
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=1800, max-age=60
cf-cache-status: HIT
cf-ray: 8881889a5a728eb5-FRA
content-encoding: br
content-security-policy: frame-ancestors *.wikibuy.com
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 02:14:38 GMT
expect-ct: max-age=0
last-modified: Thu, 23 May 2024 01:56:59 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ingress: true
x-iv-static: true
x-permitted-cross-domain-policies: none
x-tid: 90adae1b-43d3-48ad-bce6-7a3cd0098ac2
x-wb-container: 261621ebefef
x-wb-server: 10
x-xss-protection: 0

GET
H3 200 cof_common.js Show response
capitaloneshopping.com/assets/enterprise/js/ 1 KB
1 KB 154ms
153ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/assets/enterprise/js/cof_common.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d62d1d96b7c8e932c703754a1888f342ad58ffd57793d415d380cd841c7d243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8881889a8a7e8eb5-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 index.sHuAcQl0.css
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 33 KB
7 KB 24ms
24ms Stylesheet
text/css 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/index.sHuAcQl0.css

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd30cb47fd744d658bf646e0a52b400b85e372bb3c667896ecafc9edf7ddc2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5398026
x-tid: ed3d8ef3-3a01-48f7-8f65-5702b28c2148
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 21 Mar 2024 14:47:32 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: f47df5c1ae29
cf-ray: 8881889a8a7f8eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 hoisted.8yA0A67N.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 2 KB
1 KB 28ms
28ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/hoisted.8yA0A67N.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a76d017185c7950bedb78605688620d6bf1a2f33b14c7aec848ca763effcad75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563893
x-tid: 38de82ff-b885-4af2-9a9c-3321507ef66a
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:25 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 97c1a6aa07f1
cf-ray: 8881889a8a818eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 c1_shopping_blue.svg
cdn.capitaloneshopping.com/wikibuy-assets/images/upload_content/ 14 KB
6 KB 39ms
29ms Image
image/svg+xml 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.capitaloneshopping.com/wikibuy-assets/images/upload_content/c1_shopping_blue.svg

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222ba766c01d2142d8af777a1d0f8855b4ebbe4298a8618d8ba0454584867988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1058
x-ingress: true
x-tid: 2e9be32d-be7d-4b41-8f3f-c77c184d015f
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 May 2024 01:57:00 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1800, max-age=60
x-frame-options: SAMEORIGIN
x-wb-container: 7c538f35bbf7
cf-ray: 8881889aca918eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 cof_common.js Show response
capitaloneshopping.com/assets/enterprise/js/ 284 KB
160 KB 136ms
135ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c647f8e4cb033a92b373743eded65766f269749cf7f13c16c6d5549d464807b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: public, max-age=3600, immutable
cf-ray: 8881889b8ad88eb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 41ms
7ms Script
application/javascript 13.33.218.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.218.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-218-24.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:31 GMT
content-encoding: br
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 25
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: uHVSGDPPIHOjm68jejHRbITcj2vxN6yimCDI8I78qyiwN-GpF4LXfQ==

GET
H3 200 StepContainer._Gt3OMpt.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 2 KB
1 KB 27ms
27ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/StepContainer._Gt3OMpt.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85bbac2d5fd0d694ebbe478afdbeec6b9da0f340a954f076125d5c2792d74a83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 401074
x-tid: b938a52a-fbb9-4df1-877c-9b2c4f8a9796
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 18 May 2024 10:50:04 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 4c754d5c26f3
cf-ray: 8881889d7b7c8eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 client.LwjS8FHb.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 1 KB
1 KB 28ms
27ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/client.LwjS8FHb.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830beabed4e6d23ba596547510f9aad7dda37c34b4163319584851a3fb8b76d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6083118
x-tid: 9dc38231-5aee-4140-a068-29b0b2e07aea
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 13 Mar 2024 16:29:20 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 4ee1e2c9269a
cf-ray: 8881889d7b7e8eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 Footer.S8gCXXPx.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 2 KB
1 KB 24ms
24ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/Footer.S8gCXXPx.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d0de98da3ced084edd641f4baf754f4f7bb7fdea864d4bf78dbb0eb639a4fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563893
x-tid: 77752ed6-2d35-402e-88e4-b4c27c6ba944
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:25 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 38d38bcac824
cf-ray: 8881889d7b808eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 lineto-circular-pro-book.woff2
cdn.capitaloneshopping.com/wikibuy-assets/font/ 59 KB
59 KB 40ms
27ms Font
binary/octet-stream 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.capitaloneshopping.com/wikibuy-assets/font/lineto-circular-pro-book.woff2

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://capitaloneshopping.com/
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1059
x-ingress: true
x-tid: 0d8152ae-2226-4842-8eeb-a7b95cc71c9c
x-iv-static: true
x-dns-prefetch-control: off
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 May 2024 01:56:59 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: s-maxage=1800, max-age=60
x-frame-options: SAMEORIGIN
x-wb-container: 9879349f3c8a
cf-ray: 8881889d98a1bba7-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 get-tag-manager-client.at5AwFmK.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 44 KB
18 KB 26ms
24ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/get-tag-manager-client.at5AwFmK.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0c40a66c568997a411cdcf1188c4c6a4fdaf0e3e055da56dd145a41a48889b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563895
x-tid: 26f7b222-8e12-4c28-9032-a3d80f08aeca
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:23 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 97c1a6aa07f1
cf-ray: 8881889d8b868eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 ThirdPartyPageViewPixel.astro_astro_type_script_index_0_lang.gRh_VZvu.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 4 KB
2 KB 21ms
19ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ThirdPartyPageViewPixel.astro_astro_type_script_index_0_lang.gRh_VZvu.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbe32c37b7d8d4b38ae5e530bb6fc69af0160776a4777af2a7e00a5f127eb0f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563895
x-tid: ea096784-e581-4932-b7d7-0e6a6a7209a2
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:23 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 4c754d5c26f3
cf-ray: 8881889d8b878eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 hoisted.vAtgotrC.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 427 B
809 B 40ms
38ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/hoisted.vAtgotrC.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df14f39ae4593046af232505d456f58c7683671b054afebd36a31ca2d52b8c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563892
x-tid: 57913f0f-32c9-4540-8442-2d0ca91ec073
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:26 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: f21f24e4e5e8
cf-ray: 8881889d8b888eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 _commonjsHelpers.5-cIlDoe.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 290 B
707 B 23ms
22ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/_commonjsHelpers.5-cIlDoe.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6a952f6983d4b32731f9e90c648473dc093075ac4eb779aae8cd8e8afef33b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:38 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6067191
x-tid: 9bc82b7f-5973-4809-bba8-5d750a2858e3
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 13 Mar 2024 20:54:47 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: b0a7caacc010
cf-ray: 8881889d8b8a8eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 step-handler.ovc_AFj3.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 209 KB
69 KB 38ms
36ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/step-handler.ovc_AFj3.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a5e5de81f061cd7ea716501fabe3cc58b598a9da509e11792f4025a6cf5f7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 563893
x-tid: a0220135-3dbf-4c89-80d9-a0cc91eec650
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 16 May 2024 13:36:26 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: e3f889eb2f21
cf-ray: 8881889dab918eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 index.ns0du-GL.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 138 KB
46 KB 30ms
29ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/index.ns0du-GL.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787822bdb2347c0ed11d2304efc87f9cf09239178ff181a2e804b6ad623166bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 3192904
x-tid: 77b7f529-139a-4745-b6b0-882d96eb9243
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 16 Apr 2024 03:19:35 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: cde4fd3d8012
cf-ray: 8881889dab928eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 index.d0014d1d.vtJWyeCx.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 11 KB
4 KB 26ms
24ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/index.d0014d1d.vtJWyeCx.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6722c3699d9da94603b11afff5aa8d3475b6ef8a582e9b1465e45ba1b3154267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5162955
x-tid: 9de360c4-1fe6-4952-b6cd-70eeab9ce77d
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 24 Mar 2024 08:05:24 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: f47df5c1ae29
cf-ray: 8881889dab938eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 session Show response
capitaloneshopping.com/api/v1/ 19 KB
7 KB 222ms
221ms Fetch
application/json 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/api/v1/session

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c40514d55bcb14629bf79f71598c45b53778b1475127c2c0036d99eb06b0be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.capitaloneshopping.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.capitaloneshopping.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ingress: true
x-tid: 66099de3-f114-416a-955d-366ad46e49cf
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-wb-container: 855a7784f14b
cf-ray: 8881889ddba58eb5-FRA

GET
H3 200 iv-remote-context-messenger.MEcQI6PI.js Show response
capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ 85 KB
28 KB 29ms
29ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/iv-remote-context-messenger.MEcQI6PI.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/get-tag-manager-client.at5AwFmK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103984d4018d5542f033ddc48560d88a16439b2f8abd19c83a3d73f5fc7ceb4f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://capitaloneshopping.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7167998
x-tid: 4dee92ba-349c-4aa7-b3d6-cd1855e7ba64
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Fri, 01 Mar 2024 03:08:01 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=31557600
x-frame-options: SAMEORIGIN
x-wb-container: 4ee1e2c9269a
cf-ray: 8881889ddba78eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H3 200 wa.min.js Show response
cdn.capitaloneshopping.com/analytics/ 481 KB
103 KB 31ms
30ms Script
application/javascript 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.capitaloneshopping.com/analytics/wa.min.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/ThirdPartyPageViewPixel.astro_astro_type_script_index_0_lang.gRh_VZvu.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1ecd23e2e8ea7e9c8311aa8bd1a23ed975cb8da12e18a43bd4c71aab11dc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1060
x-ingress: true
x-tid: 4e103710-b9de-4d43-9e27-0a8529ff1a09
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 May 2024 01:56:59 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1800, max-age=60
x-frame-options: SAMEORIGIN
x-wb-container: a06662140ba4
cf-ray: 8881889ddba88eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
84 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-954845542

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/get-tag-manager-client.at5AwFmK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30325cdfa44f4f56a631fda62ef484a5945384fbad3ee13d4578d537d83c4be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85120
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 02:14:39 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 53ms
14ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/get-tag-manager-client.at5AwFmK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Thu, 23 May 2024 01:40:40 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SBG9Z52HJH5AP7F9
age: 2041
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: BDJsMgmdxHoVXR9NbuJm1tTnbZAtkDNbwA+psJjacJzWz8r3jzkhvPcJCRtwOH3IAhXWZBiD7mY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 73ms
39ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/ASTRO_GENERATED/onboarding/_astro/get-tag-manager-client.at5AwFmK.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 23 May 2024 02:14:38 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 236567A7B7094548BD089EEE2835AF41 Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.capitaloneshopping.com
URL: https://cdn.capitaloneshopping.com/analytics/wa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: hHu9TtPbxsWDeGrC9rkpjaOGxmufNMeh3z5k1JKRgMOZv19K+TDszDZuKbKFn2sOcxfgw5R9NfKI3W7BzDsEOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10197724.json Show response
s.yimg.com/wi/config/ 2 B
471 B 41ms
15ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10197724.json

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1
date: Thu, 23 May 2024 01:49:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9ECKR4X8FJCRSS1M
age: 1507
content-length: 2
x-amz-id-2: 5d/VGL/GWVGTPqWnrMjEbryD545+BFSgHIAQjJHMsHqUQA1Bw+Hkzx9b3x0T/+FOh+TgXK+HozI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 138003364.js Show response
bat.bing.com/p/action/ 1 KB
841 B 32ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/138003364.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ff280daab9122103da422be7a53e81b0d450cace666e66466c2b85aee47892d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 23 May 2024 02:14:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49525E33E1A94C90AEA46E349ACAECB4 Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 36ms
36ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138003364&Ver=2&mid=377751e3-9361-4a54-bbf1-00f6ac77fa90&sid=3570e6c018aa11ef931ce9b222752dda&vid=3570fe7018aa11efbb41df75439fc705&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Onboarding&p=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&r=&lt=595&evt=pageLoad&sv=1&rn=381216

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 May 2024 02:14:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 63EDF69333314444B19DF7191BFD66CD Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 0c7b42c5-5ebd-446c-994e-8c6d4ae1b1e0
https://capitaloneshopping.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://capitaloneshopping.com/0c7b42c5-5ebd-446c-994e-8c6d4ae1b1e0
Requested by: Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-752647243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-954845542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b89f3bee36948a572ece20673aa2df058e5540c5d4b45ed2aba5e6cf2035615b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85253
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 02:14:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
95 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MP31CDMNVT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-954845542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7dd95e64e9daf1e6cce80dc9c12756b8ec078ba99d0fd0765fa1373101c0a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 02:14:39 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 121ms
33ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2023%20May%202024%2002%3A14%3A39%20GMT&n=-2d&b=Onboarding&.yp=10197724&f=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.112)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.112
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 23 May 2024 02:14:39 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 138003364 Show response
bat.bing.com/p/insights/t/ 712 B
1002 B 175ms
175ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/138003364

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/138003364.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1418576a202202edb023857e3b9a910850188e6cacb43bd744f75aaf3229daeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 23 May 2024 02:14:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0751F8927EF740A89F58637F7A6D7AE0 Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
vary: Accept-Encoding
x-azure-ref: 20240523T021439Z-16659bfbf7fxfsq4ynvp7xsb8000000006wg00000000dm2k
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 604
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H3 200 fetch Show response
capitaloneshopping.com/api/v1/content/ 597 B
676 B 767ms
767ms Fetch
application/json 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/api/v1/content/fetch

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997a0ce5e29580077174e36103076140bf26b248562bfe3ee4e7bbe1b62a19be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.capitaloneshopping.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
content-security-policy: frame-ancestors *.capitaloneshopping.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ingress: true
x-tid: 4f8bc3ec-6060-4bd8-b601-c092ced3bbf6
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://capitaloneshopping.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-wb-container: 67aa58196ba8
cf-ray: 8881889fcc578eb5-FRA
access-control-allow-headers: x-wb-session,content-type,x-wb-service,authorization,x-wb-extension

POST
H3 204 i Show response
track.capitaloneshopping.com/ 0
714 B 715ms
682ms XHR
text/plain 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.capitaloneshopping.com/i

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-ingress: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://capitaloneshopping.com
access-control-allow-credentials: true
cf-ray: 888188a039891cb5-FRA
access-control-allow-headers: Content-type, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Authorization, Cookie
alt-svc: h3=":443"; ma=86400

POST
H3 204 p Show response
track.capitaloneshopping.com/ 0
537 B 797ms
762ms XHR
text/plain 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.capitaloneshopping.com/p

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-ingress: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://capitaloneshopping.com
access-control-allow-credentials: true
cf-ray: 888188a039921cb5-FRA
access-control-allow-headers: Content-type, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Authorization, Cookie
alt-svc: h3=":443"; ma=86400

POST
H3 204 t Show response
track.capitaloneshopping.com/ 0
1 KB 677ms
648ms XHR
text/plain 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.capitaloneshopping.com/t

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-ingress: true
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=il4Nyi1yN8ev27DPgwLfdwllfQfM9BdAUV_08Xd2Q70-1716430480-1.0.1.1-Khb1HkV7J9jKoG.ZyiXnCaMfqozumtqdgvkyAekmjVqdXIeci_tvA_zV.KGDOMgu7CanWAb5EwU6FaFz.UZr35FTmR7qm0S5XnjDSIBeq9.QlCEOxVpoPXP.mu532LwiItZZCa.Pmp6roqm0UHKLmWH36_B25THbLqPVHR6tf.M; report-to cf-csp-endpoint
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=il4Nyi1yN8ev27DPgwLfdwllfQfM9BdAUV_08Xd2Q70-1716430480-1.0.1.1-Khb1HkV7J9jKoG.ZyiXnCaMfqozumtqdgvkyAekmjVqdXIeci_tvA_zV.KGDOMgu7CanWAb5EwU6FaFz.UZr35FTmR7qm0S5XnjDSIBeq9.QlCEOxVpoPXP.mu532LwiItZZCa.Pmp6roqm0UHKLmWH36_B25THbLqPVHR6tf.M"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-allow-origin: https://capitaloneshopping.com
access-control-allow-credentials: true
cf-ray: 888188a0398c1cb5-FRA
access-control-allow-headers: Content-type, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Authorization, Cookie
alt-svc: h3=":443"; ma=86400

POST
H3 204 t Show response
track.capitaloneshopping.com/ 0
535 B 707ms
687ms XHR
text/plain 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.capitaloneshopping.com/t

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-ingress: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://capitaloneshopping.com
access-control-allow-credentials: true
cf-ray: 888188a0398a1cb5-FRA
access-control-allow-headers: Content-type, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Authorization, Cookie
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/954845542/ 3 KB
2 KB 56ms
24ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/954845542/?random=1716430479374&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-954845542

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

8181fc19bdada2df41ab771e2719c09f2aef044cf1518183a38830b16adb4612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1583
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
32 B 38ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=855757074807164&ev=CompleteRegistration&noscript=1&dpoco=0&dpost=0

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
273 B 37ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=489250921915227&ev=CompleteRegistration&noscript=1&dpoco=0&dpost=0

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 42ms
34ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Onboarding&.yp=10197724&f=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&enc=UTF-8&yv=1.15.1&et=custom&ec=onboarding&tagmgr=gtm

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.112)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.112
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 23 May 2024 02:14:39 GMT

GET
H2 200 855757074807164 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 78ms
76ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/855757074807164?v=2.9.156&r=stable&domain=capitaloneshopping.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d0b234cd9d0205583eb3c4e57954a5fdf8ffea548f8ea28ed1991ea01a327e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1326, tbw=63357, tp=-1, tpl=-1, uplat=70, ullat=0
pragma: public
x-fb-debug: Twm6KfgqL0Ip+rP4GlNBK04N8jCdRcRaxWk7f2h/z3MXjcb44zYJd9vF6RxngmZq6JZZ///wTgJPEMIXJgGvFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/752647243/ 3 KB
2 KB 30ms
29ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/752647243/?random=1716430479627&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-752647243&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

0f97c94025f720a7764e8be928471a2e67795e45f33f34c5223df71d97c37263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1569
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 43ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MP31CDMNVT&_ng=1&gtm=45je45m0h2v9137914095za200zb876373778&_p=1716430479017&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1930141321.1716430480&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716430479&sct=1&seg=0&dl=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&dt=Onboarding&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1240
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MP31CDMNVT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitaloneshopping.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 60ms
19ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-MP31CDMNVT&cid=1930141321.1716430480&gtm=45je45m0h2v9137914095za200zb876373778&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MP31CDMNVT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitaloneshopping.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
17ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-MP31CDMNVT&cid=1930141321.1716430480&gtm=45je45m0h2v9137914095za200zb876373778&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=408473465

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/954845542/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&...
https://www.google.de/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...

42 B
64 B

20ms
20ms

Image
image/gif

216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMInsCH6NmihgMVTIiDBx3GRw5gMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL0Iril1swm5pWp-ebqTCu_AA66-96KA&random=1239830513&ipr=y

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/954845542/?random=215152834&cv=11&fst=1716430479374&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v876373778za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=eSLPCKfA55YBEOaSp8cD&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMInsCH6NmihgMVTIiDBx3GRw5gMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL0Iril1swm5pWp-ebqTCu_AA66-96KA&random=1239830513&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7.34 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 35ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.34

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/138003364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 23 May 2024 02:14:38 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15075
last-modified: Wed, 22 May 2024 16:14:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC132F9B3D7D4ECDAFD2B6C0ADB73144 Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
etag: W/"0x8DC7A7A45EEC82D"
vary: Accept-Encoding
x-azure-ref: 20240523T021439Z-16659bfbf7fxfsq4ynvp7xsb800000000700000000007pnp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d2882c53-401e-0078-316c-ac8d23000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H3 200 489250921915227 Show response
connect.facebook.net/signals/config/ 29 KB
6 KB 71ms
70ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489250921915227?v=2.9.156&r=stable&domain=capitaloneshopping.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cdab8314825bc46acfd7f8e5c9c9705bd55bd7d51b2059f0ae0e1d7790014d87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=33, mss=1232, tbw=4643, tp=12, tpl=0, uplat=63, ullat=0
pragma: public
x-fb-debug: eyCWuyoMrPeYheBCzboLiUxFXXI8vhvMd6cS5V8KutgHTh14FarvS+t95zkcI4KJSVekC5vC3yd+useLhMYumQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/752647243/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2...
https://www.google.com/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma...
https://www.google.de/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=...

42 B
64 B

21ms
21ms

Image
image/gif

216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIy_-U6NmihgMV3KGDBx2XQgS_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL95pMqAVHkh6f2wGqCoiNDX07zvgwdg&random=2772265056&ipr=y

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 May 2024 02:14:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/752647243/?random=1972216357&cv=11&fst=1716430479627&bg=ffffff&guid=ON&async=1&gtm=45be45m0h2v889947921za200zb876373778&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&label=PG27CPfvjpgBEMv48eYC&hn=www.googleadservices.com&frm=0&tiba=Onboarding&gtm_ee=1&npa=1&pscdl=noapi&auid=412070371.1716430479&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAkoVZXZlbnQtc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIy_-U6NmihgMV3KGDBx2XQgS_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooL95pMqAVHkh6f2wGqCoiNDX07zvgwdg&random=2772265056&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 194ms
192ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=855757074807164&ev=onboardingInstall2&dl=https%3A%2F%2Fcapitaloneshopping.com%2Fonboarding%2Fbase&rl=&if=false&ts=1716430479784&cd[domain]=capitaloneshopping.com&cd[country]=DE&cd[features]=%5B%22ab_control_search_landing%22%2C%22ab_join_wikibuy_landing_original_content%22%2C%22ab_search_landing%22%2C%22account_delete%22%2C%22a_clip_on%22%2C%22a_coup_cta_1%22%2C%22a_coup_on_202301%22%2C%22a_coup_on_v8%22%2C%22a_coup_tooltip_ctrl%22%2C%22aff_interstitial%22%2C%22aff_interstitial_ease%22%2C%22aff_interstitial_set_location%22%2C%22aff_interstitial_set_location_ease%22%2C%22agree_tos_action%22%2C%22airbnb_conquesting%22%2C%22algorithmic_control%22%2C%22allow_account%22%2C%22allow_no_savings%22%2C%22amz_class_on%22%2C%22apply_page_coupons%22%2C%22apply_page_coupons_amazon%22%2C%22apply_savings_no_dismissal_ctrl%22%2C%22ar_bau_notif_cta_v_2%22%2C%22auth_gate_cashback%22%2C%22auth_gate_coupons%22%2C%22az_mk_res%22%2C%22b_a_grey_only%22%2C%22bau_notif_ctrl%22%2C%22bazaar_search_data_disabled_for_target%22%2C%22bedbathandbeyond_norb%22%2C%22big_commerce_delay_test%22%2C%22big_coup_on%22%2C%22blog_takeover_control%22%2C%22booking_test%22%2C%22c1_account_linking%22%2C%22capital_one_no_consent_linking%22%2C%22capitalone_tv_iteration_3%22%2C%22captcha_on_payment%22%2C%22carousel_personalized%22%2C%22cb_cta_ui_control%22%2C%22cb_dewey_overrides%22%2C%22cb_on_atc_control%22%2C%22cb_show_amount_above_five%22%2C%22celebrate_link_control%22%2C%22cesars_test_feature_plz_ignore_control%22%2C%22checkout_livechat_olark%22%2C%22ci_youtube_variant_control%22%2C%22click_state_onboarding%22%2C%22cm_test_new_coupon_inclusion%22%2C%22cm_test_use_site_cache_data%22%2C%22cm_use_program_client_rules%22%2C%22content_data%22%2C%22coup_arg_test%22%2C%22coup_checkpoint_202401_test%22%2C%22coup_copy_jan_22_test%22%2C%22coup_hub_desc%22%2C%22coup_modal_auto_dismiss%22%2C%22coupon_ab_ranker_2%22%2C%22coupon_bau_notif_activate%22%2C%22coupon_bau_notif_dismiss%22%2C%22coupon_bau_notif_red%22%2C%22coupon_lg_control%22%2C%22coupon_max_run_v_2_202404_test_20%22%2C%22coupon_non_rerun%22%2C%22coupon_notif_bau_button%22%2C%22coupon_notif_bau_safari_ctrl%22%2C%22coupon_notif_control%22%2C%22coupon_run_max_ctrl%22%2C%22coupon_savings_likelihood%22%2C%22coupon_selective_non_rerun%22%2C%22coup_pre_obs_test%22%2C%22coup_shift_left%22%2C%22coup_snip_off%22%2C%22coup_throttle_apr_23_b%22%2C%22coup_up_funnel_ctrl%22%2C%22c_ranker_trash_day%22%2C%22c_r_bagel_ctrl%22%2C%22credits_dismiss_reminder_control%22%2C%22credits_redemption_prompt_control%22%2C%22c_t_pin_off%22%2C%22cws_variant_1%22%2C%22datadog_web_on%22%2C%22deal_card_avg_savings%22%2C%22deals_feed_red_cashback%22%2C%22deals_launch%22%2C%22debug_priceline_ctrl%22%2C%22delete_single_run%22%2C%22desktop_onboarding_mobile_qr_beginning%22%2C%22dewey_price_comparison%22%2C%22direct_activation%22%2C%22disable_hotels_airbnb%22%2C%22disable_mark_control%22%2C%22disable_pusher%22%2C%22disable_tc_notifs_ctrl%22%2C%22dsg_incrementality_test_july_2023_control%22%2C%22ease_offers_personalized%22%2C%22ebay_coupon_target%22%2C%22eb_o_ck%22%2C%22enable_amazon_marketplace%22%2C%22enable_homepage_recommended_products%22%2C%22enable_lightning_deal_pricing%22%2C%22energy_free_nights_weekends_on%22%2C%22enforce_whitelist_seller%22%2C%22error_page_view_log%22%2C%22etsy_generic_codes_test%22%2C%22exclude_non_verified%22%2C%22expanded_table%22%2C%22ext_alternative_logo_2%22%2C%22ext_amz_cart%22%2C%22ext_amz_checkout%22%2C%22ext_cashback_notif_preferences%22%2C%22ext_cc_no_cred2_control%22%2C%22ext_cc_no_credit%22%2C%22ext_clo_control%22%2C%22ext_cnc_img_logo%22%2C%22ext_comm_solar_copy_test%22%2C%22ext_comm_solar_new_merchant_on%22%2C%22ext_comm_solar_rwrds_amt_test%22%2C%22ext_coupon_cta%22%2C%22ext_coupons_streamlined_click_ctrl%22%2C%22ext_deferred_coupon_rewards%22%2C%22ext_dewey_ensure_url_trigger%22%2C%22ext_disable_feedback%22%2C%22ext_email_create_account_notification_control%22%2C%22ext_energy_arbor_copy_test_2%22%2C%22ext_energy_arbor_on%22%2C%22ext_energy_arbor_test_copy_on%22%2C%22ext_energy_cse_on%22%2C%22ext_energy_notif_rewards_in_cta_on%22%2C%22ext_energy_powersetter_copy_test_on%22%2C%22ext_energy_ptc_link_subpage_on%22%2C%22ext_energy_smartenergy_on%22%2C%22ext_energy_tx_inmarket_merchant_on%22%2C%22ext_evarsplit%22%2C%22ext_fallback_low_success_2%22%2C%22ext_found_rewards%22%2C%22ext_front_book_elevated_passback_ctrl%22%2C%22ext_hide_rewards_rate_ctl%22%2C%22ext_hotel_show_savings_only%22%2C%22ext_hotel_trusted_price%22%2C%22ext_instacart_promo_ctrl%22%2C%22ext_modal_savings_emphasis_ctrl%22%2C%22ext_ndewey%22%2C%22ext_ne_new_merchant_on%22%2C%22ext_notif_animation_ctrl%22%2C%22ext_notif_brand_size_ctrl%22%2C%22ext_notif_center_ctrl%22%2C%22ext_notif_drag%22%2C%22ext_notif_drag_ctrl%22%2C%22ext_notif_snooze%22%2C%22ext_onpoint_rewards_test_on%22%2C%22ext_other_origins%22%2C%22ext_other_origins_alphapaw%22%2C%22ext_other_origins_bestbuy%22%2C%22ext_other_origins_bettymills%22%2C%22ext_other_origins_embarkvet%22%2C%22ext_other_origins_factorysupplyoutlet%22%2C%22ext_other_origins_grizzly%22%2C%22ext_other_origins_microcenter%22%2C%22ext_other_origins_mrostop%22%2C%22ext_other_origins_petco%22%2C%22ext_other_origins_petsmart%22%2C%22ext_other_origins_toolnut%22%2C%22ext_other_origins_tractorsupply%22%2C%22ext_other_origins_zestypaws%22%2C%22ext_other_show%22%2C%22ext_post_flight_control%22%2C%22ext_powersetter_new_lp_on%22%2C%22ext_red_cta_202305%22%2C%22ext_referrals_conf_modal_ctrl%22%2C%22ext_reliant_conquest_notif_1%22%2C%22ext_rewards_cart%22%2C%22ext_runV3%22%2C%22ext_sametab_test_domains_ctrl%22%2C%22ext_sh_on_control%22%2C%22ext_shorten_notif_text_ctrl%22%2C%22ext_smaller_dismissal%22%2C%22ext_solar_conquest_notif_off%22%2C%22ext_stand_down_timer_reset%22%2C%22ext_tx_energy_ohm_connect_test_rwd_amt_on%22%2C%22ext_vpp_notif_rwrds%22%2C%22ext_vpp_rewards_testing%22%2C%22ext_warn_sd%22%2C%22ext_wl_test%22%2C%22fallback_drop_off%22%2C%22farfetch_tiered_rate_test%22%2C%22feature_campaign_control%22%2C%22feed_full_width_carousel_enabled%22%2C%22feed_mobile_design_new_no_dots%22%2C%22financial_product_cof_link%22%2C%22financial_products_control%22%2C%22force_store_install%22%2C%22fp_deals_esb_stnd%22%2C%22fp_ext_alt_landing_two_card%22%2C%22gate_modal_iteration_4%22%2C%22gate_modal_products%22%2C%22great_deals_pill_test%22%2C%22growth_nav_bar_removal_true%22%2C%22headline_auto_code_app%22%2C%22hhl_control%22%2C%22hide_amazon_mp_when_os%22%2C%22hide_amazon_pla%22%2C%22hide_other_offers_on_pla%22%2C%22history_sync_control%22%2C%22hold_utm_params%22%2C%22home_depot_great_and_trending_deals_not_allowed%22%2C%22home_feed_content_data%22%2C%22homepage_feed_12_px_between_items%22%2C%22homepage_feed_alert_freshness_1%22%2C%22homepage_feed_best_unpersonalized_products_all%22%2C%22homepage_feed_cap_great_deals%22%2C%22homepage_feed_carousel_sort_by_event_type%22%2C%22homepage_feed_carousel_title_hidden%22%2C%22homepage_feed_enhanced_filters_no_search%22%2C%22homepage_feed_exclusive_offers_purple%22%2C%22homepage_feed_ftc_disclosure_first_item_on%22%2C%22homepage_feed_generic_store_placement_on%22%2C%22homepage_feed_generic_tile_all_merchants%22%2C%22homepage_feed_great_deals_popularity_sorting%22%2C%22homepage_feed_max_retargeting_age_30%22%2C%22homepage_feed_merchant_logo_in_generic_event_tile%22%2C%22homepage_feed_new_expiring_offers_off%22%2C%22homepage_feed_paginate_head_response%22%2C%22homepage_feed_price_after_rewards_enable%22%2C%22homepage_feed_regression_sorting%22%2C%22homepage_feed_show_all_placements%22%2C%22homepage_feed_show_popular_product_coupons%22%2C%22homepage_feed_show_solo_emails%22%2C%22homepage_feed_sort_by_expected_order%22%2C%22homepage_feed_sort_placements_with_other_items%22%2C%22homepage_feed_sort_unpersonalized_users_by_popularity%22%2C%22homepage_feed_sort_with_gbm_no_lstm%22%2C%22homepage_feed_ui_update_feb_2024%22%2C%22homepage_feed_uncap_generic_store_tiles%22%2C%22homepage_feed_uncap_price_drops%22%2C%22homepage_feed_unpersonalized_ui_v_2%22%2C%22homepage_feed_use_decisioning_engine%22%2C%22homepage_feed_use_gb_model%22%2C%22homepage_freshness_n_equals_2%22%2C%22home_personalization_mirage%22%2C%22hotel_inline_conquesting_ctrl%22%2C%22hotel_partner_promo%22%2C%22hotel_search_offers_ctrl%22%2C%22hp_deals_section_show%22%2C%22hp_growth_test_variant_2%22%2C%22hybrid_match_survey%22%2C%22immediate_notif_v_2_control%22%2C%22ims_over_walmart%22%2C%22install_bail_feedback%22%2C%22instant_airfare_variant%22%2C%22instant_amazon_variant%22%2C%22instant_gaming_variant%22%2C%22instant_sporting_goods_variant%22%2C%22instant_target_variant%22%2C%22instant_tv_iteration_4%22%2C%22instock_preheader_changes%22%2C%22international_placements_filtering%22%2C%22internet_best_deals_active%22%2C%22ip_full_adding_is_only_way%22%2C%22ip_swoosh%22%2C%22is_academy_qualified%22%2C%22is_adidas_qualified%22%2C%22is_allbirds_qualified%22%2C%22is_c_1_microsoft_ca_qualified%22%2C%22is_chewy_qualified%22%2C%22is_cleanup%22%2C%22is_joesnewbalanceoutlet_qualified%22%2C%22is_microsoft_qualified%22%2C%22is_oakley_qualified%22%2C%22is_tatcha_qualified%22%2C%22is_workspace_google_qualified%22%2C%22july_linked_cards_control_ui%22%2C%22landing_fm_2%22%2C%22landing_mobile_email_passive%22%2C%22landing_parallax%22%2C%22launch_control_deployment_notes_admin%22%2C%22lpaca_mobile_piggybank_test_b_heropadding%22%2C%22lpaca_mobile_wallet_test_a_copy%22%2C%22lpaca_sem_apparel_shoes_control%22%2C%22lpaca_sem_apparel_womens_test_a%22%2C%22lpaca_sem_beauty_test_a%22%2C%22lpaca_sem_mobile_apparel_shoes_all_control%22%2C%22lpaca_sem_mobile_apparel_shoes_hoka_control%22%2C%22lpaca_sem_mobile_home_all_control%22%2C%22lpaca_sem_mobile_home_hexclad_control%22%2C%22lpaca_sem_pizza_control%22%2C%22lpaca_sem_placeholder_true%22%2C%22lpaca_sem_travel_flights_branded_dept%22%2C%22lpaca_sem_travel_flights_general_instant%22%2C%22lpaca_sem_travel_flights_general_location_dept%22%2C%22lto_referral_date_5_12_1_23%22%2C%22mag_coup_on%22%2C%22magento_delay_test%22%2C%22mirage_personalization_lego%22%2C%22m_nb_addtosafari_variant_4%22%2C%22m_nb_mobile_onboarding_no_bonus_v_1%22%2C%22mob_clo_ob_ctl%22%2C%22mob_eb_vs_on%22%2C%22mobile_all_incentives_onboarding_control%22%2C%22mobile_all_incentives_onboarding_v_2_control%22%2C%22mobile_all_incentives_onboarding_v_3_b%22%2C%22mobile_desktop_incentive_10_dollar%22%2C%22mobile_desktop_incentive_app_onboarding%22%2C%22mobile_desktop_incentive_control%22%2C%22mobile_desktop_incentive_qualified%22%2C%22mobile_ext_all_desktop_coup_sites%22%2C%22mobile_ext_apply_savings_no_reward%22%2C%22mobile_ext_app_syncing_enabled_v_7%22%2C%22mobile_ext_async_tigger_bg%22%2C%22mobile_ext_auto_dismiss_coupon_result_control%22%2C%22mobile_ext_auto_dismiss_coupon_result_v_2_control%22%2C%22mobile_ext_auto_launch_hotels_experience%22%2C%22mobile_ext_auto_redirect_post_sign_in_test%22%2C%22mobile_ext_bg_storage_ctrl%22%2C%22mobile_ext_blocks_rewards_dismiss_cta_control%22%2C%22mobile_ext_bonus_main_decline_cta_c%22%2C%22mobile_ext_bonus_main_header_d%22%2C%22mobile_ext_bonus_main_positive_cta_b%22%2C%22mobile_ext_bonus_offer_amount_10%22%2C%22mobile_ext_bonus_wait_header_a%22%2C%22mobile_ext_checkout_sitehub_enabled%22%2C%22mobile_ext_coup_result_auto_dismiss%22%2C%22mobile_ext_cta_align_color_red_control%22%2C%22mobile_ext_cta_button_color_blue_control%22%2C%22mobile_ext_cta_button_color_red_v_2%22%2C%22mobile_ext_dewey_ensure_url_trigger%22%2C%22mobile_ext_dismiss_control%22%2C%22mobile_ext_express_checkout_notif_control%22%2C%22mobile_ext_immediate_notif_control%22%2C%22mobile_ext_immediate_notif_coup_count_1%22%2C%22mobile_ext_incentivized_permissions_prompt_control%22%2C%22mobile_ext_incognito_same_tab_control%22%2C%22mobile_ext_large_screen_notif_position_control%22%2C%22mobile_ext_no_site_hub_widget%22%2C%22mobile_ext_notif_animation_removed%22%2C%22mobile_ext_notif_dismiss_control%22%2C%22mobile_ext_notif_dismiss_no_thanks_test_b_v_2%22%2C%22mobile_ext_notification_modals_control%22%2C%22mobile_ext_notification_v_2%22%2C%22mobile_ext_notif_modal_non_monetized%22%2C%22mobile_ext_notif_timeout_control%22%2C%22mobile_ext_onboarding_steps_avoid_apple_menu_test%22%2C%22mobile_ext_perm_badge%22%2C%22mobile_ext_permissions_prompt_enabled_v_2%22%2C%22mobile_ext_permissions_prompt_limit_control%22%2C%22mobile_ext_perm_prompt_4_a%22%2C%22mobile_ext_popup_notif_flow%22%2C%22mobile_ext_popup_notif_flow_control%22%2C%22mobile_ext_popup_permissions_review_control%22%2C%22mobile_ext_popup_permissions_review_onboarding_2%22%2C%22mobile_ext_private_mode_detection_control%22%2C%22mobile_ext_pv_injection_17_4%22%2C%22mobile_ext_pv_injection_control%22%2C%22mobile_ext_ref_post_checkout_ctrl%22%2C%22mobile_ext_reprompt_comp_activations%22%2C%22mobile_ext_reward_rate_app_control%22%2C%22mobile_ext_reward_rate_desktop_v_2%22%2C%22mobile_ext_rewards_badge%22%2C%22mobile_ext_rewards_listen_for_coupon_notif%22%2C%22mobile_ext_roo_coupon_code_count_5_max%22%2C%22mobile_ext_secondary_cta_variant_secondary_control%22%2C%22mobile_ext_shadow_sign_in_prompt%22%2C%22mobile_ext_sitehub_checkouts_fallback%22%2C%22mobile_ext_site_hub_widget_variant_a%22%2C%22mobile_ext_smaller_notif_control%22%2C%22mobile_ext_smaller_notif_control_v_2%22%2C%22mobile_ext_successful_enablement_no_steps%22%2C%22mobile_ext_track_did_not_sign_in%22%2C%22mobile_ext_using_blocks_mirage%22%2C%22mobile_roo_cust_sav_test%22%2C%22mobile_safari_instructions_onboarding_test_f%22%2C%22mobile_safari_instructions_review_control%22%2C%22mobile_short_onboarding%22%2C%22mobile_sign_up_cta_copy_test_b%22%2C%22mobile_ungated_app_ext_onboarding_b%22%2C%22mobilewebext_activate_ctrl%22%2C%22mobilewebext_rewardsonly_test%22%2C%22mobilewebext_yes_overlay%22%2C%22mob_l1tile%22%2C%22mob_ob_1%22%2C%22mob_ss_enabled%22%2C%22mpn_brand_product_match_flag%22%2C%22multimerchant_preheader_control%22%2C%22my_credits_page%22%2C%22name_on_ca_no_name%22%2C%22neimanm_incrementality_test_july_2023_test%22%2C%22new_referrals_user_gate%22%2C%22new_user_30_d%22%2C%22non_referred_is_eligible_feature_gate%22%2C%22n_or_1%22%2C%22no_throttle_activate_later_ctl%22%2C%22notif_reactivation_base%22%2C%22n_pt_1%22%2C%22ob_full_personalization_control%22%2C%22ob_gate_deals%22%2C%22offer_tt_auto_show%22%2C%22offer_tt_control%22%2C%22onboarding_no_clo%22%2C%22onboarding_qr_custom%22%2C%22oos_on%22%2C%22original_instant_images_airbnb%22%2C%22original_instant_images_apple%22%2C%22original_instant_images_fitness%22%2C%22original_instant_images_office_supplies%22%2C%22origin_removal_off%22%2C%22palette_excl%22%2C%22parallax_landing%22%2C%22parallel_content_excl%22%2C%22payout_force_unverified%22%2C%22payout_sort%22%2C%22payout_sort_c%22%2C%22pb_affiliate%22%2C%22pb_landing_w1_post%22%2C%22pb_migration%22%2C%22pc_250_passback%22%2C%22pc_amazon_202108_3_b%22%2C%22pc_pinned_tabs%22%2C%22pc_pinned_tabs_cart_checkout%22%2C%22personalized_first_email%22%2C%22personalized_placements%22%2C%22platform_monitor%22%2C%22POS_LINK_ONLY%22%2C%22postcheckout_modal_dtm_control_03202024%22%2C%22postcheckout_modal_dtm_control_05222024%22%2C%22postcheckout_modal_dtm_variant_4_05092024%22%2C%22postcoupon_p2_g1%22%2C%22post_email_sub_info_modal%22%2C%22prevent_fb_extensionInstalled%22%2C%22price_comparison_rewards_as_savings%22%2C%22pricedrop_preheader_changes%22%2C%22product_card_new%22%2C%22product_page_modal_image_control_none_sub_control_copy_v_0%22%2C%22product_return_notification%22%2C%22randomize_auto_coupons_ctl%22%2C%22randomize_auto_coupons_v_2_other%22%2C%22referral_inc_control%22%2C%22referrals_ios_portal_1_1%22%2C%22referrals_ios_portal_lto_header%22%2C%22referrals_ios_tile_control%22%2C%22referrals_ios_tile_verbiage_1%22%2C%22referrals_is_disabled_feature_gate%22%2C%22referrals_mobile_feed_marketing%22%2C%22referrals_portal_banner_test_1_2%22%2C%22retargeting_multi_product_single_send_zero%22%2C%22retargeting_preheader_changes%22%2C%22rewards_dismissal_2%22%2C%22rewards_dismissal_3%C2%A0%22%2C%22right_side_filter%22%2C%22roo_cust_sav_ctrl%22%2C%22roo_decimal_test%22%2C%22roo_price_diff%22%2C%22roo_prompt_202311_test%22%2C%22row_design%22%2C%22rpc_enabled%22%2C%22r_test_20240306_b%22%2C%22same_tab_affiliate%22%2C%22same_tab_affiliate_filtered_sites%22%2C%22send_back_to_app_sheet%22%2C%22send_timing_metrics%22%2C%22sephora_audience%22%2C%22sf_review%22%2C%22shop_202306_excl%22%2C%22show_best_on_web%22%2C%22show_blog%22%2C%22show_browser_notification_button%22%2C%22show_collections%22%2C%22show_currency%22%2C%22show_custom_notification%22%2C%22show_deals_sidebar%22%2C%22show_events%22%2C%22show_events_and_carousel_in_homepage_feed%22%2C%22show_events_in_carousel_and_feed%22%2C%22show_exclusive_retarget_ui%22%2C%22show_faq_search%22%2C%22show_faq_side_nav%22%2C%22show_homepage_feed_design_v_2%22%2C%22show_homepage_storelinks_6%22%2C%22show_hotel_notif%22%2C%22show_invite_friends%22%2C%22show_mobile_referrals%22%2C%22show_password_reqs%22%2C%22show_personalized_deals_feed_title%22%2C%22show_price_comparison%22%2C%22show_proof_ctrl%22%2C%22show_referrals_homepage_banner%22%2C%22show_retargeted_product_coupons_in_feed%22%2C%22show_retargeting_on_homepage%22%2C%22show_rewards%22%2C%22show_rewards_status%22%2C%22show_social_login%22%2C%22show_total_after_credits%22%2C%22simple_blog%22%2C%22sitehub_p2_g1%22%2C%22skip_account%22%2C%22skip_reload_202401_test%22%2C%22solo_preheader_changes%22%2C%22spa_prompt%22%2C%22square_coup_on%22%2C%22storepage_coup_action_color_test%22%2C%22storepage_coup_flyout_ctrl%22%2C%22storepage_integrated_cta_ctrl%22%2C%22storepage_overhead_cta_ctrl%22%2C%22store_test_page_variant%22%2C%22store_test_variant_12%22%2C%22streamline_events_off%22%2C%22target_audience%22%2C%22test_hotel_offers_ctrl%22%2C%22test_hotel_partner_promo%22%2C%22test_hotel_search_offers_ctrl%22%2C%22top_hatter_hp_or%22%2C%22trendingcoupon_preheader_changes%22%2C%22try_codes_demo_control%22%2C%22trymore_coup_off%22%2C%22ui_copy_control%22%2C%22universal_pc_canonical%22%2C%22unsubscribe_popup_twograybuttons%22%2C%22update_pla%22%2C%22use_interstitial%22%2C%22use_mv3_ss_requester_control%22%2C%22use_new_pc_cart_pricing%22%2C%22use_platforms%22%2C%22use_program_rules%22%2C%22user_contributed_codes%22%2C%22user_contributed_codes_tigger%22%2C%22use_redirect_v2%22%2C%22use_store_img_tag%22%2C%22use_walmart_api%22%2C%22v_2_homepage%22%2C%22visit_merchant_install_gate%22%2C%22wb_api_site%22%2C%22wb_coup_v3%22%2C%22wb_hotel_dynamic_vendor_metas_ctrl%22%2C%22wb_hotel_search_ext_on%22%2C%22wb_hotel_search_off%22%2C%22wb_hotel_search_safari_on%22%2C%22wb_hotels_similarity_recommender_off%22%2C%22wb_mobile_add_features_to_dd%22%2C%22wb_mobile_alerts_push_notif_test%22%2C%22wb_mobile_all_pdeals_b%22%2C%22wb_mobile_alternate_signup_ui_off%22%2C%22wb_mobile_android_13_notif_permission%22%2C%22wb_mobile_announcement_tile_no_animation_control%22%2C%22wb_mobile_app_sign_up_paginated_control%22%2C%22wb_mobile_autocoup_icon_on%22%2C%22wb_mobile_bonus_offer_mobile_ext_on_switch%22%2C%22wb_mobile_button_integration_on%22%2C%22wb_mobile_c_1_oauth_existing_sign_in%22%2C%22wb_mobile_capital_one_linking%22%2C%22wb_mobile_captcha_cancellation_detection%22%2C%22wb_mobile_category_browse_on%22%2C%22wb_mobile_category_feed_card_control%22%2C%22wb_mobile_dc_green_deal_control%22%2C%22wb_mobile_delete_shared_workers%22%2C%22wb_mobile_dewey_ensure_url_trigger_control%22%2C%22wb_mobile_enable_stores_favorite_button%22%2C%22wb_mobile_existing_sign_in_v_2%22%2C%22wb_mobile_ext_install_prompt_cta_a%22%2C%22wb_mobile_ext_install_prompt_modal%22%2C%22wb_mobile_ext_onboarding_use_template%22%2C%22wb_mobile_ext_session_sharing%22%2C%22wb_mobile_favorites_onboarding_v2%22%2C%22wb_mobile_favorite_stores_redesign_on%22%2C%22wb_mobile_fav_stores_vertical_scroll_expanded%22%2C%22wb_mobile_has_new_onboarding%22%2C%22wb_mobile_home_event_tile%22%2C%22wb_mobile_home_feed_filters_control%22%2C%22wb_mobile_home_feed_headers_control%22%2C%22wb_mobile_home_feed_one_column%22%2C%22wb_mobile_home_screen_infinite_scroll%22%2C%22wb_mobile_hotels%22%2C%22wb_mobile_hotels_bottom_tab%22%2C%22wb_mobile_hotels_off%22%2C%22wb_mobile_impact_tracking_enabled%22%2C%22wb_mobile_lifetime_savings_display%22%2C%22wb_mobile_limited_time_icon_on%22%2C%22wb_mobile_lto_badge%22%2C%22wb_mobile_mag_coup_on%22%2C%22wb_mobile_merchant_display_name_wildcard%22%2C%22wb_mobile_mobile_affiliate_channel_on%22%2C%22wb_mobile_mobile_ext_bonus_incentive%22%2C%22wb_mobile_new_app_header_a%22%2C%22wb_mobile_new_favorite_stores%22%2C%22wb_mobile_new_ftux%22%2C%22wb_mobile_new_merchant_query%22%2C%22wb_mobile_nimbus_switch_v_2%22%2C%22wb_mobile_no_announcement_tile_control%22%2C%22wb_mobile_one_home_feed_test%22%2C%22wb_mobile_open_in_browser%22%2C%22wb_mobile_passwordless_sign_in%22%2C%22wb_mobile_pdeals_sort_a%22%2C%22wb_mobile_personalized_deals_count_b%22%2C%22wb_mobile_personalized_deals_feed%22%2C%22wb_mobile_personalized_deals_parity_w_web_test%22%2C%22wb_mobile_personalized_deals_top_of_feed%22%2C%22wb_mobile_placeholder_feature_flag%22%2C%22wb_mobile_prevent_welcome_search_on%22%2C%22wb_mobile_price_compare_drawer_auto%22%2C%22wb_mobile_price_protection_onboarding_step_off%22%2C%22wb_mobile_push_notif_continue_shopping_off%22%2C%22wb_mobile_push_notification_feed%22%2C%22wb_mobile_push_notif_remove_secondary_settings%22%2C%22wb_mobile_referrals_on_off_switch%22%2C%22wb_mobile_referrals_ytd%22%2C%22wb_mobile_safari_extension%22%2C%22wb_mobile_safari_extension_bottom_sheet%22%2C%22wb_mobile_search_personalized_deals_control%22%2C%22wb_mobile_shopify_on%22%2C%22wb_mobile_show_all_favorites%22%2C%22wb_mobile_signin_linking_on%22%2C%22wb_mobile_sign_in_screen_flow%22%2C%22wb_mobile_sign_up_test_a%22%2C%22wb_mobile_slash_api_endpoints%22%2C%22wb_mobile_square_coup_on%22%2C%22wb_mobile_stay_in_app_prompt%22%2C%22wb_mobile_suggested_stores_order_rank_a%22%2C%22wb_mobile_sug_stores_mailbox_purchases_off%22%2C%22wb_mobile_sug_stores_new_personalization_v_1_min_on%22%2C%22wb_mobile_sug_stores_vertical_scroll_v1_on%22%2C%22wb_mobile_tigger_enabled%22%2C%22wb_mobile_tile_homepage_on%22%2C%22wb_mobile_tile_order_fso%22%2C%22wb_mobile_use_programs%22%2C%22wb_mobile_using_blocks_control%22%2C%22wb_mobile_web_onboarding_control%22%2C%22wb_mobile_woo_coup_on%22%2C%22wb_mobile_xdaysleft_badge_on%22%2C%22wb_new_design%22%2C%22wbv2_list_est%22%2C%22wb_web_signin_linking_on%22%2C%22web_branded_home_header_bold%22%2C%22web_hold_on_modal_generic_nonimage_variant%22%2C%22web_hold_on_modal_subc_nonimage_variant%22%2C%22web_hold_on_modal_subu_nonimage_variant%22%2C%22web_onboarding_mobile_qr_headline_3%22%2C%22web_onboarding_show_introduction_step%22%2C%22web_onboarding_wave_5_qr_headline_3%22%2C%22welcome_hero%22%2C%22w_ext_disable_wireless_device_search%22%2C%22w_ext_enable_wireless_device_result%22%2C%22w_ext_enable_wireless_pc_cart%22%2C%22w_ext_price_comparison_treatment%22%2C%22w_ext_tmo_alt_illustration_text_top%22%2C%22w_ext_tmobile_conquesting%22%2C%22w_ext_tmobile_show_notification%22%2C%22w_ext_use_wireless_service_pc%22%2C%22woo_coup_on%22%2C%22worker_init_fetch%22%2C%22wr_path_1_control%22%2C%22w_tmobile_conquest_vm_tag_100%22%2C%22w_web_device_page%22%2C%22w_web_energy_savings_page%22%2C%22w_web_landing_page%22%2C%22w_web_landing_page_v_2%22%2C%22w_web_show_prepaid_page%22%2C%22w_web_show_provider_filter%22%2C%22wyfr_pdp%22%2C%22xm_landing_mobile_4%22%2C%22xm_landing_persado2_2%22%2C%22xm_landing_persado_variant_6%22%2C%22yadayadayada_control%22%5D&cd[hasOrdered]=false&cd[roles]=%5B%22shadow%22%2C%22user%22%5D&cd[view]=onboarding&cd[pagePath]=%2Fonboarding%2Fbase&sw=1600&sh=1200&v=2.9.156&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1716430479783.616478471&ler=empty&cdl=API_unavailable&it=1716430479390&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf5f6eb154c0be695","source_keys":["1","2"]},{"key_piece":"0x5e2c47f4101f4d2e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 23 May 2024 02:14:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=7039, tp=-1, tpl=-1, uplat=179, ullat=1
pragma: no-cache
x-fb-debug: vfjssanizGj1mgFBAfr8WvaWY4mi5Khno3Y/ek0BV0LpRIhRK2EiiluzZOEw7+1+3VwjRxebbmnbpn7ZU0JcXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 14ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489250921915227&ev=onboardingInstall2&dl=https%3A%2F%2Fcapitaloneshopping.com&rl=&if=false&ts=1716430479796&cd[country]=DE&sw=1600&sh=1200&v=2.9.156&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1716430479783.616478471&ler=empty&cdl=API_unavailable&pm=1&hrl=b49b37&it=1716430479390&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&rqm=GET

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://capitaloneshopping.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=3219, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 May 2024 02:14:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 188ms
187ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=489250921915227&ev=onboardingInstall2&dl=https%3A%2F%2Fcapitaloneshopping.com&rl=&if=false&ts=1716430479796&cd[country]=DE&sw=1600&sh=1200&v=2.9.156&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1716430479783.616478471&ler=empty&cdl=API_unavailable&pm=1&hrl=b49b37&it=1716430479390&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&rqm=FGET

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://capitaloneshopping.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x58be91614408091f","source_keys":["1","2"]},{"key_piece":"0x075421ef27d514d5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 23 May 2024 02:14:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=3365, tp=-1, tpl=-1, uplat=174, ullat=0
pragma: no-cache
x-fb-debug: k3ToSu3UySpg0b9+vsJv/AB54A2GG+X4qoAFN0VeMVkt4Vih84qqSDygY49urvOYg3qlhmIg45XymMvwMu3sYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame D35A 0
0 24ms
12ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/onboarding/base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 02:14:39 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2774, tp=-1, tpl=-1, uplat=5, ullat=5

POST
H2 204 t Show response
bat.bing.com/p/insights/c/ 0
213 B 106ms
105ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/t

Requested by

Host: capitaloneshopping.com
URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-webinsights-gzip
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 May 2024 02:14:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B5F59B79CCF41BEBF1AFFFB2E700396 Ref B: FRAEDGE1820 Ref C: 2024-05-23T02:14:39Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://capitaloneshopping.com
access-control-allow-credentials: true
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 favicon.ico
capitaloneshopping.com/ 105 KB
16 KB 27ms
27ms Other
image/vnd.microsoft.icon 172.64.145.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capitaloneshopping.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.145.19 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661137c65ebb1315932e93a40a87ae58c0f4437789d1b17a67610f6fbba20450

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:14:40 GMT
content-security-policy: frame-ancestors *.wikibuy.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2825
x-ingress: true
x-tid: 489921bf-64f6-4af7-bd41-25dca26f658a
x-iv-static: true
x-dns-prefetch-control: off
content-encoding: br
x-wb-server: 10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 May 2024 01:27:35 GMT
server: cloudflare
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: s-maxage=31557600, max-age=86400
x-frame-options: SAMEORIGIN
x-wb-container: f21f24e4e5e8
cf-ray: 888188a40d928eb5-FRA
access-control-allow-headers: content-type, x-wb-session, x-wb-extension
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capitaloneshopping.com/	1970-01-20 20:47:12	Name: __cf_bm Value: YXKhyxJ2_YotSMi9wWkHjpsAOrauYL3C6Vf063hBCYE-1716430478-1.0.1.1-xEZk14LCyKw_7fI_L919KD8a3GjAF1CQo23vECLw2KgkW6Z0GgSpReZ3GM2SCzDFv5hfAc1HVIahpgxRi76bRw
.capitaloneshopping.com/	1970-01-21 06:23:10	Name: w82S5kL1 Value: A_acOqOPAQAAQdoblRwGzigRB6_zoqOV4P1ol_NQR17eqfpcXbXmgtqfDZJLAZJGdW6ucnvuwH8AAEB3AAAAAA\|1\|0\|ade9fb61ab466b53f623e2a86f08780a29538cc0
.capitaloneshopping.com/	1970-01-21 05:32:46	Name: ajs_group_id Value: null
.bing.com/	1970-01-21 06:08:46	Name: MUID Value: 0D7F16D0F4886C3D0D590258F5886D66
.capitaloneshopping.com/	1970-01-21 06:23:10	Name: wb_session Value: WB%20ahN2ms8BKhQfHGPk2f2lqjslo0b0FQx5Mf6T8xLRcGmLvtCZ%2F9W3CM%2FARr4%2FbkZ8pYNB428SkQWcM1nb%2FFcD6RvtsvACZ%2FtVb3BLj8G3myIovXK%2BSaoUmuEl5LLI8kCvO%2BKXpopd5eWKHiuecMht6CuChCAiMMMlQ9QqQkmnlnVnNtethzNa%2B9xGheONwPEASeQQEuxQ77SGc7xVcEyU7kGSW438Q9%2FGkKZiJMlfpxTX80kGSmzWmrwyBoljC7OoysZg
.capitaloneshopping.com/	1970-01-20 20:57:15	Name: wb_session_status Value: 0
.capitaloneshopping.com/	1970-01-20 22:56:46	Name: _gcl_au Value: 1.1.412070371.1716430479
.capitaloneshopping.com/	1970-01-21 05:32:46	Name: ajs_user_id Value: %22f361e6b2-4063-50a6-8020-c8b756984008%22
.capitaloneshopping.com/	1970-01-21 05:32:46	Name: ajs_anonymous_id Value: %22db56b18f-8df1-4946-bdae-c296c093c266%22
.bat.bing.com/	1970-01-21 06:08:46	Name: MSPTC Value: ayQYPpyfgXgNo1QzcO6nKCbXWY_FbCb5SrsfxnYQO5U
.capitaloneshopping.com/	1970-01-21 06:23:10	Name: _ga Value: GA1.1.1930141321.1716430480
.capitaloneshopping.com/	1970-01-21 06:23:10	Name: _ga_MP31CDMNVT Value: GS1.1.1716430479.1.1.1716430479.60.0.0
.doubleclick.net/	1970-01-20 20:47:11	Name: test_cookie Value: CheckForPermission
.capitaloneshopping.com/	1970-01-20 20:48:36	Name: _uetsid Value: 3570e6c018aa11ef931ce9b222752dda\|5rt0kn\|2\|fm0\|0\|1604
.capitaloneshopping.com/	1970-01-20 22:56:46	Name: _fbp Value: fb.1.1716430479783.616478471
.capitaloneshopping.com/	1970-01-21 06:08:46	Name: _uetvid Value: 3570fe7018aa11efbb41df75439fc705\|cxe03t\|1716430479947\|1\|1\|bat.bing.com/p/insights/c/t
capitaloneshopping.com/	1970-01-20 20:47:11	Name: _dd_s Value: rum=0&expire=1716431379029

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://capitaloneshopping.com/assets/enterprise/js/cof_common.js?seed=AAA1LaOPAQAAHLDegtzKChjPOOH0NFPTF_e9r6mLtGqVD69FG5tckHPA9LR6&ivo6KuRhOr--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://capitaloneshopping.com/onboarding/base Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.wikibuy.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
capitaloneshopping.com
cdn.capitaloneshopping.com
connect.facebook.net
googleads.g.doubleclick.net
region1.analytics.google.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
track.capitaloneshopping.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.33.218.24
142.250.185.132
142.250.186.162
157.240.0.6
172.217.16.194
172.64.145.19
2001:4860:4802:34::36
216.58.206.35
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:810::2008
2a00:1450:400c:c09::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.255.41.64
05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f97c94025f720a7764e8be928471a2e67795e45f33f34c5223df71d97c37263
103984d4018d5542f033ddc48560d88a16439b2f8abd19c83a3d73f5fc7ceb4f
1418576a202202edb023857e3b9a910850188e6cacb43bd744f75aaf3229daeb
15c40514d55bcb14629bf79f71598c45b53778b1475127c2c0036d99eb06b0be
1d62d1d96b7c8e932c703754a1888f342ad58ffd57793d415d380cd841c7d243
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
222ba766c01d2142d8af777a1d0f8855b4ebbe4298a8618d8ba0454584867988
22d0de98da3ced084edd641f4baf754f4f7bb7fdea864d4bf78dbb0eb639a4fd
2bb4eb49b2eb3dd08230d12b6371af88361434b537de17bdd6907c051a20cf21
30325cdfa44f4f56a631fda62ef484a5945384fbad3ee13d4578d537d83c4be5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4f0c40a66c568997a411cdcf1188c4c6a4fdaf0e3e055da56dd145a41a48889b
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
661137c65ebb1315932e93a40a87ae58c0f4437789d1b17a67610f6fbba20450
6722c3699d9da94603b11afff5aa8d3475b6ef8a582e9b1465e45ba1b3154267
6df14f39ae4593046af232505d456f58c7683671b054afebd36a31ca2d52b8c0
754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193
787822bdb2347c0ed11d2304efc87f9cf09239178ff181a2e804b6ad623166bb
7c647f8e4cb033a92b373743eded65766f269749cf7f13c16c6d5549d464807b
8181fc19bdada2df41ab771e2719c09f2aef044cf1518183a38830b16adb4612
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
830beabed4e6d23ba596547510f9aad7dda37c34b4163319584851a3fb8b76d8
85bbac2d5fd0d694ebbe478afdbeec6b9da0f340a954f076125d5c2792d74a83
997a0ce5e29580077174e36103076140bf26b248562bfe3ee4e7bbe1b62a19be
9d0b234cd9d0205583eb3c4e57954a5fdf8ffea548f8ea28ed1991ea01a327e5
a5a5e5de81f061cd7ea716501fabe3cc58b598a9da509e11792f4025a6cf5f7d
a76d017185c7950bedb78605688620d6bf1a2f33b14c7aec848ca763effcad75
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b7dd95e64e9daf1e6cce80dc9c12756b8ec078ba99d0fd0765fa1373101c0a40
b89f3bee36948a572ece20673aa2df058e5540c5d4b45ed2aba5e6cf2035615b
bbe32c37b7d8d4b38ae5e530bb6fc69af0160776a4777af2a7e00a5f127eb0f7
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cdab8314825bc46acfd7f8e5c9c9705bd55bd7d51b2059f0ae0e1d7790014d87
ddd1ecd23e2e8ea7e9c8311aa8bd1a23ed975cb8da12e18a43bd4c71aab11dc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd30cb47fd744d658bf646e0a52b400b85e372bb3c667896ecafc9edf7ddc2d
f6a952f6983d4b32731f9e90c648473dc093075ac4eb779aae8cd8e8afef33b2
ff280daab9122103da422be7a53e81b0d450cace666e66466c2b85aee47892d0

capitaloneshopping.com Open in urlscan Pro 172.64.145.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

47 %IPv6

12 Domains

16 Subdomains

14 IPs

5 Countries

975 kBTransfer

2812 kBSize

17 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capitaloneshopping.com Open in urlscan Pro
172.64.145.19 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

14
IPs

5
Countries

975 kB
Transfer

2812 kB
Size

17
Cookies

57 HTTP transactions
1 data transactions