creativeresources.threadless.com Open in urlscan Pro
151.101.130.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://emlink.threadless.com/u/nrd.php?p=Bi8kJQn7s0_167536_2730913_1_25&ems_l=3982418&i=1&d=MTcxNDQzNzMy%7CQmk4a0pRbjdzMA==%7...
Effective URL:
https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s...
Submission: On April 24 via api (April 24th 2022, 12:21:28 am UTC) from BE — Scanned from DE

Summary HTTP 72 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 72 HTTP transactions. The main IP is 151.101.130.159, located in United States and belongs to FASTLY, US. The main domain is creativeresources.threadless.com.
TLS certificate: Issued by R3 on March 27th 2022. Valid for: 3 months.

This is the only time creativeresources.threadless.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
20	151.101.130.159 151.101.130.159	54113 (FASTLY) (FASTLY)
8	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e031	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:401... 2a00:1450:4014:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	28

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

emlink.threadless.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.130.159 (United States)

ASN54113 (FASTLY, US)

creativeresources.threadless.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e01c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	threadless.com emlink.threadless.com — Cisco Umbrella Rank: 664040 creativeresources.threadless.com	1 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 94 Failed	731 KB
9	typekit.net use.typekit.net — Cisco Umbrella Rank: 469 p.typekit.net — Cisco Umbrella Rank: 572	165 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 jnn-pa.googleapis.com — Cisco Umbrella Rank: 267	24 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 328	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	416 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3026 track.hubspot.com — Cisco Umbrella Rank: 2107	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	113 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4372	517 B
1	google.de www.google.de — Cisco Umbrella Rank: 6544	501 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	70 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 223	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2018	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1999	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4849	25 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1620	10 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2178	977 B
72	20

	Domain	Requested by
20	creativeresources.threadless.com	creativeresources.threadless.com
9	www.youtube.com	creativeresources.threadless.com www.youtube.com
8	use.typekit.net	creativeresources.threadless.com
4	jnn-pa.googleapis.com	www.youtube.com
3	www.facebook.com	creativeresources.threadless.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com creativeresources.threadless.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	creativeresources.threadless.com connect.facebook.net
2	www.google-analytics.com	creativeresources.threadless.com www.google-analytics.com
2	fonts.googleapis.com	creativeresources.threadless.com
1	track.hubspot.com
1	forms.hsforms.com	creativeresources.threadless.com
1	forms.hubspot.com	js.hscollectedforms.net
1	www.google.de	creativeresources.threadless.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	p.typekit.net	creativeresources.threadless.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	www.youtube.com
1	secure.gravatar.com	creativeresources.threadless.com
1	js.hs-scripts.com	creativeresources.threadless.com
1	emlink.threadless.com
72	27

This site contains links to these domains. Also see Links.

Domain
www.threadless.com
artistshopshelp.threadless.com
drive.google.com
placeit.net
cutencanine.threadless.com
www.instagram.com
shadesofgold.threadless.com
www.skinnycorp.com

Subject Issuer	Validity	Valid
emlink.threadless.com R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
creativeresources.threadless.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-29` - `2022-04-29`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Frame ID: F8B237B0850AF3812DDFFB466C9C34FA
Requests: 49 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
Frame ID: 8D03A965D9048276A6086E0601CCCEAD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
Frame ID: 05125DB8D35059CB5CC4E19AE154D31F
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 661E0A3C37621B8630EAA571E191C8D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Earn Double When You Sell Regular T-Shirts in March!

Page URL History Show full URLs

https://emlink.threadless.com/u/nrd.php?p=Bi8kJQn7s0_167536_2730913_1_25&ems_l=3982418&i=1&d=MTcxNDQzNzMy%... Page URL
https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

93 %
IPv6

20
Domains

27
Subdomains

28
IPs

4
Countries

2582 kB
Transfer

5470 kB
Size

11
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.threadless.com/artist-shops/signup?thref=creativeresources
Title: Start A Shop

Search URL Search Domain Scan URL

URL: https://artistshopshelp.threadless.com/article/899-what-is-managed-pricing
Title: Managed Pricing and Promotions

Search URL Search Domain Scan URL

URL: https://www.threadless.com/artist-shops/signup/doubleyourearnings
Title: Artist Shops

Search URL Search Domain Scan URL

URL: https://www.threadless.com/profile/artist_dashboard/artist-shop/
Title: Managed Pricing and Promotions

Search URL Search Domain Scan URL

URL: https://www.threadless.com/profile/artist_dashboard/artist-shop/promotional-tools/
Title: Promo Tools feature

Search URL Search Domain Scan URL

URL: https://drive.google.com/drive/folders/0BxMYo-ZP7sMDaFh5aC0xMEwwa1U?usp=sharing
Title: custom lifestyle overlay images

Search URL Search Domain Scan URL

URL: https://placeit.net/
Title: PlaceIt

Search URL Search Domain Scan URL

URL: https://placeit.net/c/mockups/?pl_coupon=threadless20&utm_source=affiliates&utm_medium=banner-aff&utm_campaign=placeit_aff_Threadless&utm_content=discount-link
Title: using this link

Search URL Search Domain Scan URL

URL: https://cutencanine.threadless.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CKovNOeDS-N/

Search URL Search Domain Scan URL

URL: https://artistshopshelp.threadless.com/article/662-can-i-arrange-products-on-my-shop-homepage
Title: Homepage Collection builder

Search URL Search Domain Scan URL

URL: https://shadesofgold.threadless.com/

Search URL Search Domain Scan URL

URL: https://www.threadless.com/artist-shops/signup?thref=creativeresourcesfooter
Title: Get Started

Search URL Search Domain Scan URL

URL: https://www.skinnycorp.com/
Title: skinnyCorp LLC

Search URL Search Domain Scan URL

URL: https://www.threadless.com/artist-shops/signup/art?thref=creativeresourcespopup
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.threadless.com/artist-shops/signup?thref=creativeresourcesbanner
Title: LEARN MORE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://emlink.threadless.com/u/nrd.php?p=Bi8kJQn7s0_167536_2730913_1_25&ems_l=3982418&i=1&d=MTcxNDQzNzMy%7CQmk4a0pRbjdzMA==%7COGRiYzA3N2ViNDBjYmNjOTE=%7CMjAyMi0wNC0xOCsxOCUzQTAwJTNBMDA=%7CMjIwNDE4K1NhbGUrQW5ub3VuY2VtZW50%7CMjIwNDE4K1NhbGUrQW5ub3VuY2VtZW50%7CSGFzK25vdCtwdXJjaGFzZWRfYWN0aXZlcytFbWFyc3lz%7C&_esuh=_11_32e3f6b981ed687e54db7820516ec81c95c58c6bb71fa0a424a747c4dc7f556e Page URL
https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK nrd.php Show response
emlink.threadless.com/u/ 1 KB
1 KB 113ms
96ms Document
text/html 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://emlink.threadless.com/u/nrd.php?p=Bi8kJQn7s0_167536_2730913_1_25&ems_l=3982418&i=1&d=MTcxNDQzNzMy%7CQmk4a0pRbjdzMA==%7COGRiYzA3N2ViNDBjYmNjOTE=%7CMjAyMi0wNC0xOCsxOCUzQTAwJTNBMDA=%7CMjIwNDE4K1NhbGUrQW5ub3VuY2VtZW50%7CMjIwNDE4K1NhbGUrQW5ub3VuY2VtZW50%7CSGFzK25vdCtwdXJjaGFzZWRfYWN0aXZlcytFbWFyc3lz%7C&_esuh=_11_32e3f6b981ed687e54db7820516ec81c95c58c6bb71fa0a424a747c4dc7f556e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 78ae6aa2b8661d74a9ea4fe0cded484ae146bbfdaa436a5d1f0f911959f3b545

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 516
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Apr 2022 00:21:22 GMT
Pragma: no-cache
Server: PWS/8.3.1.0.8
Via: 1.1 PS-FRA-01nxn162:2 (W), 1.1 PSdgflkfFRA1je97:16 (W)
X-Px: ms PSdgflkfFRA1je97FRA,ms PS-FRA-01nxn162FRA(origin)
X-Ws-Request-Id: 62649802_PSdgflkfFRA1vg90_6157-45995
x-af: suite34-web3
x-fe: suite34-web3
x-hf: suite-haproxy01d

GET
H2 200 Primary Request / Show response
creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/ 74 KB
21 KB 351ms
312ms Document
text/html 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

395ae9ad7911c2103ebfeefb0ec322c92a946f3d39e1f97b24dd7f3e979962e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://emlink.threadless.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 21402
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 00:21:22 GMT
fastly-restarts: 1
link: <https://creativeresources.threadless.com/wp-json/>; rel="https://api.w.org/" <https://creativeresources.threadless.com/wp-json/wp/v2/posts/6909>; rel="alternate"; type="application/json" <https://creativeresources.threadless.com/?p=6909>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
vary: Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: tu7haob4g0
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-fra19178-FRA
x-timer: S1650759682.284870,VS0,VE306
x-xss-protection: 1

GET
H2 200 crn5xkh.js Show response
use.typekit.net/ 18 KB
7 KB 151ms
125ms Script
text/javascript 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/crn5xkh.js

Requested by

Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

582a71f33144f801e7ecdc988637b46dd72aadbf59896218b96a3e9d7c8bb266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 24 Apr 2022 00:21:22 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6815

GET
H2 200 style.min.css
creativeresources.threadless.com/wp-includes/css/dist/block-library/ 81 KB
13 KB 11ms
8ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 13391
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.629199,VS0,VE1
etag: W/"624cb15c-145db"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 styles.css
creativeresources.threadless.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/ 416 B
432 B 443ms
440ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 283
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 15:31:00 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.630248,VS0,VE434
etag: W/"5f4fbab4-1a0"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 wpfront-notification-bar.min.css
creativeresources.threadless.com/wp-content/plugins/wpfront-notification-bar/css/ 3 KB
962 B 11ms
8ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/plugins/wpfront-notification-bar/css/wpfront-notification-bar.min.css?ver=3.2.0.011614

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

1e02f8bde4df45b41cf25e130a640bfed493138be1fc6a1f4fca85dbe473c1c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 854
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Feb 2022 16:48:19 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.630311,VS0,VE1
etag: W/"61fab5d3-bfc"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 style.css
creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/ 86 KB
19 KB 546ms
544ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/style.css?ver=1.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

fd15ebae0bf4cccd0fb89956a0253343452d5bb3f26662ae7e6a0ea8591577f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 18822
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Jan 2019 21:34:48 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.631303,VS0,VE537
etag: W/"5c463af8-15895"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quattrocento+Sans%3A400%2C400italic%2C700italic%2C700%7CVesper+Libre%3A700&subset=latin%2Clatin-ext&ver=5.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b25d5610ffea1aceaa4df701d4d2789e913566fee930f73caca74eb1360b4755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 00:21:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 00:21:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 00:21:22 GMT

GET
H2 200 pum-site-styles.css
creativeresources.threadless.com/wp-content/uploads/pum/ 18 KB
4 KB 10ms
8ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/uploads/pum/pum-site-styles.css?generated=1650576244&ver=1.16.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6dd665bbaef9df0cfaeade6956818a6e7391fd56ea3b75594751670113eae7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 4033
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Apr 2022 21:24:04 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.631377,VS0,VE1
etag: W/"6261cb74-4938"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
creativeresources.threadless.com/wp-includes/js/jquery/ 87 KB
33 KB 11ms
10ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 34060
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.631441,VS0,VE1
etag: W/"624cb15c-15db1"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery-migrate.min.js Show response
creativeresources.threadless.com/wp-includes/js/jquery/ 11 KB
4 KB 10ms
9ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 4405
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.631498,VS0,VE1
etag: W/"624cb15c-2bd8"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 wpfront-notification-bar.min.js Show response
creativeresources.threadless.com/wp-content/plugins/wpfront-notification-bar/js/ 4 KB
2 KB 10ms
9ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/plugins/wpfront-notification-bar/js/wpfront-notification-bar.min.js?ver=3.2.0.011614

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a80cb5bc3ef46d56555ebe172e5dab417d4288e58f8ea21107933737063cb717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 1670
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Feb 2022 16:48:19 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.631602,VS0,VE1
etag: W/"61fab5d3-11fa"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 asLogo.png
creativeresources.threadless.com/blog/wp-content/uploads/2015/12/ 20 KB
20 KB 11ms
10ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/blog/wp-content/uploads/2015/12/asLogo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b21de372ff7532431ae0e688daf32d993b2551edace23b12d161f93a45d4564d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 20097
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Mar 2017 16:21:38 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.192480,VS0,VE1
etag: W/"58c02f92-4f5b"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 20225647.js Show response
js.hs-scripts.com/ 1 KB
977 B 413ms
379ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/20225647.js?integration=WordPress&ver=8.9.22
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73043e4632e165038c6cae26a3eaf52c3e61545ef00b790bfb830e75b47b53fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 80a73761-400d-45dc-9fad-22833e407742
last-modified: Sat, 23 Apr 2022 19:00:59 GMT
server: cloudflare
x-trace: 2B475BD1C95F8877A4EF4E22910E604B3C4D6F6C1D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://creativeresources.threadless.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 700aadb4280a9bd4-FRA
expires: Sun, 24 Apr 2022 00:22:23 GMT

GET
H2 200 vendor.js Show response
creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/js/ 19 KB
7 KB 8ms
8ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/js/vendor.js?ver=1.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

3056f4c8e4051afc23265ddc8825fb3823f61357e1eb50ebfadc677e2541ae40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 7162
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2017 19:54:45 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.081519,VS0,VE1
etag: W/"5873ea85-4d86"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 theme.js Show response
creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/js/ 32 KB
7 KB 9ms
9ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/js/theme.js?ver=1.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

de6d795626c42bfe194bc0fed765902acc83f97cf534199c20ea6f1d7f2ac694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 7059
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2017 19:54:45 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.091887,VS0,VE1
etag: W/"5873ea85-7f6f"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 core.min.js Show response
creativeresources.threadless.com/wp-includes/js/jquery/ui/ 20 KB
8 KB 449ms
449ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 7401
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.103500,VS0,VE430
etag: W/"624cb15c-50ea"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pum-site-scripts.js Show response
creativeresources.threadless.com/wp-content/uploads/pum/ 68 KB
19 KB 120ms
120ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1650576244&ver=1.16.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

34c54099f7fd6e56b3a430486236904479b12312dcdcab225183b1860f2ecc21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 19449
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Apr 2022 21:24:04 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.176661,VS0,VE113
etag: W/"6261cb74-1101b"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 wp-emoji-release.min.js Show response
creativeresources.threadless.com/wp-includes/js/ 18 KB
5 KB 10ms
9ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://creativeresources.threadless.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
content-length: 5424
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.192586,VS0,VE1
etag: W/"624cb15c-4705"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
598 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/wp-content/uploads/pum/pum-site-styles.css?generated=1650576244&ver=1.16.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/wp-content/uploads/pum/pum-site-styles.css?generated=1650576244&ver=1.16.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 23:22:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 00:21:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 00:21:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2793
date: Sat, 23 Apr 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Apr 2022 01:34:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: qUoxRPO0q1D1jvXyL8peWJS50tyUXdgyLjtxyRghuKrJWm+fblJXRNGOdz36IIj9I6YPHm7p0B7YH7MRfUbxRA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 24 Apr 2022 00:21:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search_white.svg
creativeresources.threadless.com/blog/wp-content/uploads/2015/12/ 1 KB
873 B 137ms
137ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/blog/wp-content/uploads/2015/12/search_white.svg

Requested by

Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/style.css?ver=1.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b9163c71a26c57c0acdfc29bef89ffbeb8b27c68203687d89484678c1c7fa2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/wp-content/themes/bindery-1.2.0/style.css?ver=1.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 693
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Mar 2017 16:21:41 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.201733,VS0,VE126
etag: W/"58c02f95-46f"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET iXSQ0UkV9Ag
www.youtube.com/embed/ Frame 8D03 0
0

GET
H2 200 2a58f45159b4bac3ba0f76870de077db
secure.gravatar.com/avatar/ 9 KB
10 KB 27ms
10ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/2a58f45159b4bac3ba0f76870de077db?s=62&d=mm&r=g
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a04e2561416873c392f2c7a329861c3dbb6a532741b22703b2ba91dc9e0f690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 24 Apr 2022 00:21:23 GMT
last-modified: Tue, 15 Sep 2020 19:48:20 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="2a58f45159b4bac3ba0f76870de077db.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/2a58f45159b4bac3ba0f76870de077db?s=62&d=mm&r=g>; rel="canonical"
content-length: 9597
expires: Sun, 24 Apr 2022 00:26:23 GMT

GET
H2 200 file-21yZ9ivEAn.png
creativeresources.threadless.com/wp-content/uploads/2021/02/ 37 KB
34 KB 128ms
127ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/wp-content/uploads/2021/02/file-21yZ9ivEAn.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6704b6d5ab32318f45a0bd944e3e4fbe10d7973fbd9c9e4239555821bf98a05e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 34972
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 04:19:31 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.298883,VS0,VE121
etag: W/"6024b053-94aa"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 earn_double.gif
creativeresources.threadless.com/wp-content/uploads/2021/02/ 160 KB
157 KB 250ms
249ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/wp-content/uploads/2021/02/earn_double.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

05956db19b4b8296bf0cddb40daf0a371324146ce7165c33cae3f763595a543e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 160384
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 03:26:58 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.298971,VS0,VE232
etag: W/"6024a402-28098"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/gif
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Screen-Shot-2021-02-10-at-11.38.46-PM-copy-1400x555.png
creativeresources.threadless.com/wp-content/uploads/2021/02/ 827 KB
822 KB 993ms
993ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/wp-content/uploads/2021/02/Screen-Shot-2021-02-10-at-11.38.46-PM-copy-1400x555.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

04e84ab1f9e1fe1d01e9a82db09ef2fececc76a0c28ff460421d862ca847aee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 840917
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 18:20:19 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.299023,VS0,VE986
etag: W/"60257563-ceb3f"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 DoubleEarnings_CR_ver1-01-2048x1054.jpg
creativeresources.threadless.com/wp-content/uploads/2021/02/ 156 KB
154 KB 333ms
333ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creativeresources.threadless.com/wp-content/uploads/2021/02/DoubleEarnings_CR_ver1-01-2048x1054.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

895a945a5d56bd073de4038ae0ea8076c3c048b027cdc314aa9d6c5948f5a4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fw-static: YES
date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 157864
x-xss-protection: 1
x-served-by: cache-fra19178-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 21:54:51 GMT
server: Flywheel/5.1.0
x-timer: S1650759683.332245,VS0,VE325
etag: W/"6024562b-27022"
x-fw-hash: tu7haob4g0
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 iXSQ0UkV9Ag Show response
www.youtube.com/embed/ Frame 0512 62 KB
27 KB 58ms
58ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Requested by

Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ea04908530a4282b145a3640de56434f08417d35da9728f760fee9b008bf29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 24 Apr 2022 00:21:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 718941741538586 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 64ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/718941741538586?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

269e52624f89aa7a23e5e92356423b9b0b5931553d997f5742e1f9ccc07d2fb0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8rni32gNASvFYBBHgNxsIpdQM6QERP9Gtb2LrW3Cg7Z8fjFrFE8RKjYfNHjfne1YCud5xviJu3VCGW3ramml6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Apr 2022 00:21:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650759683409
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 71ms
21ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1595863696&t=pageview&_s=1&dl=https%3A%2F%2Fcreativeresources.threadless.com%2Fearn-double-on-regular-t-shirts-in-march%2F%3Fsc_src%3Demail_2730913%26sc_lid%3D171443732%26sc_uid%3DBi8kJQn7s0%26sc_llid%3D167536%26sc_eh%3D8dbc077eb40cbcc91%26date%3D2022-04-18%2B18%253A00%253A00%26camp%3D220418%2BSale%2BAnnouncement%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3D220418%2BSale%2BAnnouncement%26sname%3DHas%2Bnot%2Bpurchased_actives%2BEmarsys&dr=https%3A%2F%2Femlink.threadless.com%2F&ul=en-us&de=UTF-8&dt=Earn%20Double%20When%20You%20Sell%20Regular%20T-Shirts%20in%20March!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=978306679&gjid=1203440965&cid=1274895118.1650759683&tid=UA-3478547-27&_gid=1556372763.1650759683&_r=1&_slc=1&z=1728673336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creativeresources.threadless.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/534c466c/ Frame 0512 346 KB
46 KB 48ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 09:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47506
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 23 Apr 2023 09:45:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0512 15 KB
16 KB 62ms
24ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 392598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/534c466c/www-embed-player.vflset/ Frame 0512 278 KB
86 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87611
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:48:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 0512 2 MB
524 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78957815b251475c6757b01b8d2b1172210ce4c041365d4f31efd41ba628b1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536510
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:49 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/ Frame 0512 9 KB
3 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:48:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 35ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=718941741538586&ev=PageView&dl=https%3A%2F%2Fcreativeresources.threadless.com%2Fearn-double-on-regular-t-shirts-in-march%2F%3Fsc_src%3Demail_2730913%26sc_lid%3D171443732%26sc_uid%3DBi8kJQn7s0%26sc_llid%3D167536%26sc_eh%3D8dbc077eb40cbcc91%26date%3D2022-04-18%2B18%253A00%253A00%26camp%3D220418%2BSale%2BAnnouncement%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3D220418%2BSale%2BAnnouncement%26sname%3DHas%2Bnot%2Bpurchased_actives%2BEmarsys&rl=https%3A%2F%2Femlink.threadless.com%2F&if=false&ts=1650759683454&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650759683453.1759091849&it=1650759683347&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Apr 2022 00:21:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 35ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=718941741538586&ev=ViewContent&dl=https%3A%2F%2Fcreativeresources.threadless.com%2Fearn-double-on-regular-t-shirts-in-march%2F%3Fsc_src%3Demail_2730913%26sc_lid%3D171443732%26sc_uid%3DBi8kJQn7s0%26sc_llid%3D167536%26sc_eh%3D8dbc077eb40cbcc91%26date%3D2022-04-18%2B18%253A00%253A00%26camp%3D220418%2BSale%2BAnnouncement%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3D220418%2BSale%2BAnnouncement%26sname%3DHas%2Bnot%2Bpurchased_actives%2BEmarsys&rl=https%3A%2F%2Femlink.threadless.com%2F&if=false&ts=1650759683467&cd[content_type]=creative_resources&cd[content_name]=post_earn-double-on-regular-t-shirts-in-march&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650759683453.1759091849&it=1650759683347&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Apr 2022 00:21:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 388ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3478547-27&cid=1274895118.1650759683&jid=978306679&gjid=1203440965&_gid=1556372763.1650759683&_u=IEBAAEAAAAAAAC~&z=645952951

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Apr 2022 00:21:23 GMT
content-type: text/plain
access-control-allow-origin: https://creativeresources.threadless.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/fc5067/0000000000000000000141c9/23/ 18 KB
18 KB 37ms
13ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/fc5067/0000000000000000000141c9/23/l?subset_id=2&fvd=n7&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b523377fb997ef95a9179eaa9ffe6db1c1977ba84fd3885b3d64bb3c8f741d64

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "5f7c9c31e14895b950af7a2c9ca160773781a31f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18396

GET
H2 200 l
use.typekit.net/af/5d42f0/000000000000000000014687/23/ 19 KB
19 KB 39ms
14ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d42f0/000000000000000000014687/23/l?subset_id=2&fvd=n4&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 52a2ed0e4c5874435541497a0de8bb307fe9675770fc68f38f1251b89d963c16

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "c6de4313d0778b23f6ab4da7b8130c4b71bf5d0f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19140

GET
H2 200 l
use.typekit.net/af/477a96/00000000000000000001413e/23/ 15 KB
15 KB 38ms
14ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/477a96/00000000000000000001413e/23/l?subset_id=2&fvd=i4&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 69d7d4b8423e8fef52e65c886c144934693ff96c8a4f9faa3c0982c49b7ed0d4

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "15bfaa59c255952cea8b38b7939c41f728daec92"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15280

GET
H2 200 l
use.typekit.net/af/0944bd/00000000000000000001413f/23/ 14 KB
14 KB 43ms
19ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0944bd/00000000000000000001413f/23/l?subset_id=2&fvd=n6&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4c0c93fe5a14face1686991de6d350358dccf4a4e896d02c6b2bc65faa679bd8

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "9de3d647c561acbd4441bd51dd11b2c4ca146d00"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14512

GET
H2 200 l
use.typekit.net/af/20ab7f/000000000000000000014141/23/ 14 KB
14 KB 43ms
19ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/20ab7f/000000000000000000014141/23/l?subset_id=2&fvd=n7&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21eec97503d5355d488a41058584eedd14db4be6353003926397e6584a6963f0

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "6a572e76ecaeeb7a5be2a196314be213cec59e4b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14364

GET
H2 200 l
use.typekit.net/af/2348e6/000000000000000000010091/23/ 40 KB
40 KB 52ms
28ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2348e6/000000000000000000010091/23/l?subset_id=2&fvd=n7&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 47b4c84081cdf6f4542e2913b7fc66ec56fadf3f53abdf42957bc365009256ea

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "570cadf85a4f7439bce027a5b51da729237c3fc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40452

GET
H2 200 l
use.typekit.net/af/d91e8c/000000000000000000010097/23/ 37 KB
38 KB 47ms
23ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d91e8c/000000000000000000010097/23/l?subset_id=2&fvd=n8&v=3
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 11a55e9e454079dc3bcb987cc33610baa638d1497fbfe3ec45ef63c659bb4b14

Request headers

Referer: https://creativeresources.threadless.com/
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
server: nginx
etag: "c492dbb0faf8091e3c45fafd0ecd86f80c6b03d4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38152

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0512
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

66ms
22ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31b2241bf4b3d16340ccd4bf6bd22d94a3c4f53e14d0b97ed234c462e63c345e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0512 29 B
588 B 78ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:08:11 GMT
x-content-type-options: nosniff
age: 792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Apr 2022 00:23:11 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 36ms
9ms Image
image/gif 2a02:26f0:f7::5c7b:e01c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=crn5xkh&ht=tk&h=creativeresources.threadless.com&f=84.1783.1784.1785.1787.10881.10887&a=269387&js=1.21.0&app=typekit&e=js&_=1650759683668
Requested by: Host: creativeresources.threadless.com
URL: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 122ms
38ms Preflight
text/html 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 24 Apr 2022 00:21:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0512 45 KB
22 KB 96ms
43ms XHR
application/json+protobuf 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

465a782547c1aaa1c664cfabed024a28600b505a5d823c6a3a1242a73830b9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22276
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 0512 118 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2727f6c5fed6de34d38219bc52410773f36d6070471d02ac291ae154160e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37660
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:53:48 GMT

GET
H2 200 -fGfix5ZuJUOVczo_kjURdYiDBKCRn1s8SwuZEgz-mU.js Show response
www.google.com/js/th/ Frame 0512 35 KB
14 KB 91ms
32ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-fGfix5ZuJUOVczo_kjURdYiDBKCRn1s8SwuZEgz-mU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f19f8b1e59b8950e55cce8fe48d445d6220c1282467d6cf12c2e644833fa65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 11:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 11:05:26 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 0512 27 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0908f26f913f08109b7ed2df2ddf41da3ebc379fa679950761d214f2ca35b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8163
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:50 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 57ms
35ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20225647.js?integration=WordPress&ver=8.9.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Origin: https://creativeresources.threadless.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 40002
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=7006dd16bbc99107-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 700aadb7aaa092c9-FRA
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: U7p86P7BJ_qMqcnIny54BSZmuMnzXWfPTvoUmNtNPmm2UPhMYVE4Ug==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

GET
H2 200 20225647.js Show response
js.hs-analytics.net/analytics/1650759600000/ 62 KB
20 KB 172ms
142ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1650759600000/20225647.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20225647.js?integration=WordPress&ver=8.9.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1598b76e0839e001e73ceae92496dcd89ef032ec8e295f3930d4bc2cf82b4729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EJ53YSVA9865WDYC
x-amz-server-side-encryption: AES256
cf-ray: 700aadb7b8d19a33-FRA
x-amz-id-2: wYauHFUlUmFWNQSdrXSsoT/zEChn3Nn1q667ihESSdwUOcfymLgjIlXKpgZnKTUi7FBqnpKWPUE=
last-modified: Thu, 14 Apr 2022 16:26:15 GMT
server: cloudflare
etag: W/"aa83993779484f33836760751889452c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Sun, 24 Apr 2022 00:26:23 GMT

GET
H2 200 20225647.js Show response
js.hs-banner.com/ 60 KB
16 KB 424ms
395ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/20225647.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20225647.js?integration=WordPress&ver=8.9.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461ed6b0c4cef63f9657b07b1cb1c2d0a72b5f173874a7e597a665cb554dc2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: RH2SKDFYJYWHM2YR
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: O3DM8/vHWLOijDgWFqu0KzsrHl3nKtCykHD7yPP+ziJHyu8HKxzEsp953KvHXrUVYz6G+uEQ/5Y=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 23:49:43 GMT
server: cloudflare
etag: W/"7f958cb71a8bf87a0629387206322397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: qTGx3KDz4LpYHeJVBdg_CVaI1an3Otiw
access-control-allow-origin: https://creativeresources.threadless.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 700aadb7beb9908a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sun, 24 Apr 2022 00:26:24 GMT

GET
DATA 200
OK truncated
/ Frame 0512 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQ8WS86nWhbOdjUrq3eNpS7rabtdEA8U0NpzqCoQg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0512 1 KB
1 KB 95ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ8WS86nWhbOdjUrq3eNpS7rabtdEA8U0NpzqCoQg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25a1cba5ec72631539e485fb3e424b7b7c75daab203954a451d5ee3e2aced721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
server: fife
etag: "v1ac"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 28 Mar 2022 11:14:25 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/iXSQ0UkV9Ag/ Frame 0512 70 KB
70 KB 197ms
130ms Image
image/webp 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/iXSQ0UkV9Ag/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8dd86e6c2c254b5d09a98d074d25f4b59c4b61f7fc53755906b7653509200e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71458
x-xss-protection: 0
server: sffe
etag: "1614121683"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 24 Apr 2022 02:21:23 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 62ms
29ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3478547-27&cid=1274895118.1650759683&jid=978306679&_u=IEBAAEAAAAAAAC~&z=1535071348

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 62ms
26ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3478547-27&cid=1274895118.1650759683&jid=978306679&_u=IEBAAEAAAAAAAC~&z=1535071348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 00:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
1 KB 157ms
137ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=20225647&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1597a472e01ad7345bab65fbead01f56f53aa459951ac5bf821c8aed292d873c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a83ef42b-ba7e-4681-bf70-a46429a7b83c
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5TBsbaSImkevvPibHYnvppGACrauHYHR33AvvwbqyyYY8mcMUK2nPI1cYx31oMVKFa4dKAc31yKoALipP1Hj9nqlOQdnBNskm31F2B%2Badm2jj05CEbTOaTtDzmTapME8tSeQn%2BptemYuNOcdnhO"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://creativeresources.threadless.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 700aadb8887b9944-FRA
access-control-allow-headers: *

GET
H3 204 generate_204
www.youtube.com/ Frame 0512 0
9 B 16ms
13ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iQnGDw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0512 4 KB
3 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 00:21:24 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
517 B 151ms
121ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: cd42f7c9-742b-4622-ab30-e5ed1703be87
cf-ray: 700aadb9b9ed9a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2B68A7E0698911F8D2E3A62DEC7E45875A70E4404D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 661E 0
18 B 18ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://creativeresources.threadless.com
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://creativeresources.threadless.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 00:21:24 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 0512 52 KB
15 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 08:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 24 Apr 2022 08:52:21 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
35ms Preflight
text/html 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 24 Apr 2022 00:21:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0512 98 B
141 B 40ms
39ms XHR
application/json+protobuf 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8be6a5fddb12d63e5122984ac31aada97e71e2369fc6eca41766a013b2f0cbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 117
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
961 B 175ms
143ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4179873168&v=1.1&a=20225647&ct=blog-post&rcu=https%3A%2F%2Fcreativeresources.threadless.com%2Fearn-double-on-regular-t-shirts-in-march%2F&r=https%3A%2F%2Femlink.threadless.com%2F&pu=https%3A%2F%2Fcreativeresources.threadless.com%2Fearn-double-on-regular-t-shirts-in-march%2F%3Fsc_src%3Demail_2730913%26sc_lid%3D171443732%26sc_uid%3DBi8kJQn7s0%26sc_llid%3D167536%26sc_eh%3D8dbc077eb40cbcc91%26date%3D2022-04-18%2B18%253A00%253A00%26camp%3D220418%2BSale%2BAnnouncement%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3D220418%2BSale%2BAnnouncement%26sname%3DHas%2Bnot%2Bpurchased_actives%2BEmarsys&t=Earn+Double+When+You+Sell+Regular+T-Shirts+in+March!&cts=1650759684244&vi=5d5da4aadd280168a6a53e3cdf3994bb&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativeresources.threadless.com/earn-double-on-regular-t-shirts-in-march/?sc_src=email_2730913&sc_lid=171443732&sc_uid=Bi8kJQn7s0&sc_llid=167536&sc_eh=8dbc077eb40cbcc91&date=2022-04-18+18%3A00%3A00&camp=220418+Sale+Announcement&utm_source=newsletter&utm_medium=email&utm_campaign=220418+Sale+Announcement&sname=Has+not+purchased_actives+Emarsys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 00:21:24 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 69e1b765-c6e3-4bfe-8b14-e3a04d811aab
cf-ray: 700aadbac9c19171-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLLL13MSuCy2NWHl42pGPdCvDTla3YR3SCeq98%2Bo7rJitlYFDnQn5QCDSGmHIumw6pdoIDzpJji0Nm9VNHqlv6StEfgaoECUXlZMPZXjjoI%2BSbEBNvlfCYA6ISVtEugZUItLLd9M2gwGNpfYFXy9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0512 28 B
54 B 31ms
30ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed
X-YouTube-Client-Version: 1.20220420.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtwbTZubWIwbGVpNCiDsJKTBg%3D%3D
X-YouTube-Ad-Signals: dt=1650759683520&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 24 Apr 2022 00:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 24 Apr 2022 00:21:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/iXSQ0UkV9Ag?feature=oembed

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.threadless.com/	1970-01-20 20:03:51	Name: _ga Value: GA1.2.1274895118.1650759683
.threadless.com/	1970-01-20 02:34:06	Name: _gid Value: GA1.2.1556372763.1650759683
.threadless.com/	1970-01-20 02:32:39	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: j3r96nq2Aro
.youtube.com/	1970-01-20 06:51:51	Name: VISITOR_INFO1_LIVE Value: pm6nmb0lei4
.threadless.com/	1970-01-20 04:42:15	Name: _fbp Value: fb.1.1650759683453.1759091849
.threadless.com/	1970-01-20 06:51:51	Name: __hstc Value: 189886516.5d5da4aadd280168a6a53e3cdf3994bb.1650759684241.1650759684241.1650759684241.1
.threadless.com/	1970-01-20 06:51:51	Name: hubspotutk Value: 5d5da4aadd280168a6a53e3cdf3994bb
.threadless.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.threadless.com/	1970-01-20 02:32:41	Name: __hssc Value: 189886516.1.1650759684241
.hubspot.com/	1970-01-20 02:32:41	Name: __cf_bm Value: zxI.CJ8PuA4VA01Oz3Jnzk.bYCHjW2lEQuoBJN4lu38-1650759684-0-AZ48uhGE8/t/OQ+z+luvw65+82WJhawdrLfE8hKlnb6eq1aiijqksPzyL/IygX8bgKjyhkDrlVyyCC9S9d/5VK0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
creativeresources.threadless.com
emlink.threadless.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
p.typekit.net
secure.gravatar.com
static.doubleclick.net
stats.g.doubleclick.net
track.hubspot.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
151.101.130.159
163.171.128.148
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6811:43b0
2606:4700::6811:81ab
2606:4700::6811:d2cc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:811::2016
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9b
2a00:1450:4014:80a::200a
2a02:26f0:f7::5c7b:e01c
2a02:26f0:f7::5c7b:e031
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e84ab1f9e1fe1d01e9a82db09ef2fececc76a0c28ff460421d862ca847aee1
05956db19b4b8296bf0cddb40daf0a371324146ce7165c33cae3f763595a543e
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0908f26f913f08109b7ed2df2ddf41da3ebc379fa679950761d214f2ca35b298
095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a55e9e454079dc3bcb987cc33610baa638d1497fbfe3ec45ef63c659bb4b14
1597a472e01ad7345bab65fbead01f56f53aa459951ac5bf821c8aed292d873c
1598b76e0839e001e73ceae92496dcd89ef032ec8e295f3930d4bc2cf82b4729
1e02f8bde4df45b41cf25e130a640bfed493138be1fc6a1f4fca85dbe473c1c6
21eec97503d5355d488a41058584eedd14db4be6353003926397e6584a6963f0
25a1cba5ec72631539e485fb3e424b7b7c75daab203954a451d5ee3e2aced721
269e52624f89aa7a23e5e92356423b9b0b5931553d997f5742e1f9ccc07d2fb0
2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772
3056f4c8e4051afc23265ddc8825fb3823f61357e1eb50ebfadc677e2541ae40
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
31b2241bf4b3d16340ccd4bf6bd22d94a3c4f53e14d0b97ed234c462e63c345e
34c54099f7fd6e56b3a430486236904479b12312dcdcab225183b1860f2ecc21
395ae9ad7911c2103ebfeefb0ec322c92a946f3d39e1f97b24dd7f3e979962e8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
461ed6b0c4cef63f9657b07b1cb1c2d0a72b5f173874a7e597a665cb554dc2da
465a782547c1aaa1c664cfabed024a28600b505a5d823c6a3a1242a73830b9a0
47b4c84081cdf6f4542e2913b7fc66ec56fadf3f53abdf42957bc365009256ea
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a04e2561416873c392f2c7a329861c3dbb6a532741b22703b2ba91dc9e0f690
4c0c93fe5a14face1686991de6d350358dccf4a4e896d02c6b2bc65faa679bd8
52a2ed0e4c5874435541497a0de8bb307fe9675770fc68f38f1251b89d963c16
582a71f33144f801e7ecdc988637b46dd72aadbf59896218b96a3e9d7c8bb266
6704b6d5ab32318f45a0bd944e3e4fbe10d7973fbd9c9e4239555821bf98a05e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69d7d4b8423e8fef52e65c886c144934693ff96c8a4f9faa3c0982c49b7ed0d4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd665bbaef9df0cfaeade6956818a6e7391fd56ea3b75594751670113eae7b3
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883
73043e4632e165038c6cae26a3eaf52c3e61545ef00b790bfb830e75b47b53fe
78957815b251475c6757b01b8d2b1172210ce4c041365d4f31efd41ba628b1e5
78ae6aa2b8661d74a9ea4fe0cded484ae146bbfdaa436a5d1f0f911959f3b545
7ea04908530a4282b145a3640de56434f08417d35da9728f760fee9b008bf29b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
895a945a5d56bd073de4038ae0ea8076c3c048b027cdc314aa9d6c5948f5a4a6
8be6a5fddb12d63e5122984ac31aada97e71e2369fc6eca41766a013b2f0cbb7
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a80cb5bc3ef46d56555ebe172e5dab417d4288e58f8ea21107933737063cb717
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92
b21de372ff7532431ae0e688daf32d993b2551edace23b12d161f93a45d4564d
b25d5610ffea1aceaa4df701d4d2789e913566fee930f73caca74eb1360b4755
b523377fb997ef95a9179eaa9ffe6db1c1977ba84fd3885b3d64bb3c8f741d64
b9163c71a26c57c0acdfc29bef89ffbeb8b27c68203687d89484678c1c7fa2b3
ba8dd86e6c2c254b5d09a98d074d25f4b59c4b61f7fc53755906b7653509200e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc2727f6c5fed6de34d38219bc52410773f36d6070471d02ac291ae154160e69
de6d795626c42bfe194bc0fed765902acc83f97cf534199c20ea6f1d7f2ac694
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9f19f8b1e59b8950e55cce8fe48d445d6220c1282467d6cf12c2e644833fa65
fd15ebae0bf4cccd0fb89956a0253343452d5bb3f26662ae7e6a0ea8591577f3

creativeresources.threadless.com Open in urlscan Pro 151.101.130.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

93 %IPv6

20 Domains

27 Subdomains

28 IPs

4 Countries

2582 kBTransfer

5470 kBSize

11 Cookies

16 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

creativeresources.threadless.com Open in urlscan Pro
151.101.130.159 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

93 %
IPv6

20
Domains

27
Subdomains

28
IPs

4
Countries

2582 kB
Transfer

5470 kB
Size

11
Cookies

72 HTTP transactions
1 data transactions