www.loloestrin.com Open in urlscan Pro
18.66.248.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reattest.loloestrin.com/
Effective URL:
https://www.loloestrin.com/savings-card/activation
Submission: On November 28 via api (November 28th 2023, 12:42:18 am UTC) from TR — Scanned from DE

Summary HTTP 186 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 41 domains to perform 186 HTTP transactions. The main IP is 18.66.248.93, located in United States and belongs to AMAZON-02, US. The main domain is www.loloestrin.com. The Cisco Umbrella rank of the primary domain is 775208.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 30th 2023. Valid for: 7 months.

This is the only time www.loloestrin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.180.132.181 159.180.132.181	62763 (ABBVIE) (ABBVIE)
1 46	18.66.248.93 18.66.248.93	16509 (AMAZON-02) (AMAZON-02)
22	23.35.236.237 23.35.236.237	16625 (AKAMAI-AS) (AKAMAI-AS)
7	184.24.77.156 184.24.77.156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.24.77.146 184.24.77.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
6	63.140.62.22 63.140.62.22	16509 (AMAZON-02) (AMAZON-02)
1 1	54.77.1.126 54.77.1.126	16509 (AMAZON-02) (AMAZON-02)
10	54.194.149.91 54.194.149.91	16509 (AMAZON-02) (AMAZON-02)
1 1	18.184.223.197 18.184.223.197	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
3 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	172.64.151.238 172.64.151.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	199.127.207.184 199.127.207.184	26120 (RHYTHMONE) (RHYTHMONE)
4 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	54.243.20.188 54.243.20.188	14618 (AMAZON-AES) (AMAZON-AES)
1	3.228.144.86 3.228.144.86	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.234.12.204 34.234.12.204	14618 (AMAZON-AES) (AMAZON-AES)
1	52.16.155.12 52.16.155.12	16509 (AMAZON-02) (AMAZON-02)
1 1	52.48.81.28 52.48.81.28	16509 (AMAZON-02) (AMAZON-02)
7 7	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1 1	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
2	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
7	104.18.131.236 104.18.131.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
4	23.197.137.224 23.197.137.224	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	108.157.5.251 108.157.5.251	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.184.241 142.250.184.241	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	23.48.23.8 23.48.23.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
186	46

1 159.180.132.181 (Webster, United States) 1 redirects

ASN62763 (ABBVIE, US)

reattest.loloestrin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 18.66.248.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-93.dus51.r.cloudfront.net

www.allergansavingscard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.loloestrin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.35.236.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-237.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.24.77.156 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-156.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-146.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.140.62.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-22.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smetrics.abbvie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.1.126 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-1-126.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.194.149.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.223.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.238 (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.20.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-20-188.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.144.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-144-86.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.12.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-12-204.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.155.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-155-12.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.81.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.197.137.224 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

540-ymb-856.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.5.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-251.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

4169376.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.241 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f17.1e100.net

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-8.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	loloestrin.com 1 redirects reattest.loloestrin.com www.loloestrin.com — Cisco Umbrella Rank: 775208	779 KB
27	google.com drive.google.com — Cisco Umbrella Rank: 318 apis.google.com — Cisco Umbrella Rank: 112 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 28 adservice.google.com — Cisco Umbrella Rank: 105	590 KB
22	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	442 KB
11	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 7942 dpm.demdex.net — Cisco Umbrella Rank: 228	11 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
8	everesttech.net 8 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275 sync-tm.everesttech.net — Cisco Umbrella Rank: 709	1 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	124 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	118 KB
7	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353 js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	6 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 874	2 KB
6	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245 4169376.fls.doubleclick.net — Cisco Umbrella Rank: 318490	2 KB
5	abbvie.com smetrics.abbvie.com — Cisco Umbrella Rank: 146761	3 KB
4	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3497	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	178 KB
4	yahoo.com 4 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	1 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1855	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	35 KB
2	mktoresp.com 540-ymb-856.mktoresp.com — Cisco Umbrella Rank: 166859	636 B
2	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3094	459 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	132 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	993 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 522	500 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1979 beacon.krxd.net — Cisco Umbrella Rank: 758	529 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 938	659 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 504
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3239	248 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	453 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	755 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 865	205 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1218	35 B
1	clickagy.com 1 redirects aorta.clickagy.com — Cisco Umbrella Rank: 2013	432 B
1	scanscout.com dt.scanscout.com — Cisco Umbrella Rank: 62130
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 1911	205 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1384	402 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 560	479 B
1	allergansavingscard.com 1 redirects www.allergansavingscard.com	603 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
186	41

	Domain	Requested by
45	www.loloestrin.com	www.loloestrin.com
22	assets.adobedtm.com	www.loloestrin.com assets.adobedtm.com
10	dpm.demdex.net	www.loloestrin.com assets.adobedtm.com
10	drive.google.com	www.loloestrin.com drive.google.com www.gstatic.com
9	www.gstatic.com	drive.google.com www.google.com www.gstatic.com
8	play.google.com	www.gstatic.com
7	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org
7	sync-tm.everesttech.net	7 redirects
7	use.typekit.net	www.loloestrin.com use.typekit.net
6	tr.snapchat.com	1 redirects sc-static.net
5	smetrics.abbvie.com	assets.adobedtm.com
4	munchkin.marketo.net	www.loloestrin.com assets.adobedtm.com munchkin.marketo.net
4	connect.facebook.net	www.loloestrin.com connect.facebook.net
4	www.google.com	www.loloestrin.com www.google.com
4	apis.google.com	drive.google.com apis.google.com content.googleapis.com
4	match.adsrvr.org	2 redirects js.adsrvr.org
4	cm.g.doubleclick.net	3 redirects www.loloestrin.com
3	content.googleapis.com	apis.google.com
3	ib.adnxs.com	2 redirects www.loloestrin.com
3	ups.analytics.yahoo.com	3 redirects
2	pixel.tapad.com	2 redirects
2	js.adsrvr.org	4169376.fls.doubleclick.net insight.adsrvr.org
2	4169376.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sc-static.net	www.loloestrin.com tr.snapchat.com
2	540-ymb-856.mktoresp.com	munchkin.marketo.net
2	players.brightcove.net	www.loloestrin.com
2	www.googletagmanager.com	www.loloestrin.com
2	www.facebook.com	www.loloestrin.com
2	us-u.openx.net	1 redirects www.loloestrin.com
2	dsum-sec.casalemedia.com	1 redirects www.loloestrin.com
1	hb.yahoo.net	js.adsrvr.org
1	insight.adsrvr.org	js.adsrvr.org
1	csp.withgoogle.com	www.loloestrin.com
1	adservice.google.com	4169376.fls.doubleclick.net
1	fonts.gstatic.com	www.google.com
1	pixel.onaudience.com	1 redirects
1	image2.pubmatic.com	www.loloestrin.com
1	pixel.rubiconproject.com	www.loloestrin.com
1	sync.crwdcntrl.net	1 redirects
1	beacon.krxd.net	www.loloestrin.com
1	usermatch.krxd.net	1 redirects
1	rtb.adentifi.com	www.loloestrin.com
1	aorta.clickagy.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dt.scanscout.com	www.loloestrin.com
1	idpix.media6degrees.com	www.loloestrin.com
1	d.turn.com	1 redirects
1	idsync.rlcdn.com	www.loloestrin.com
1	aa.agkn.com	1 redirects
1	cm.everesttech.net	1 redirects
1	adobedc.demdex.net	assets.adobedtm.com
1	p.typekit.net	use.typekit.net
1	www.allergansavingscard.com	1 redirects
1	reattest.loloestrin.com	1 redirects
0	sync.search.spotxchange.com Failed	www.loloestrin.com
186	55

This site contains links to these domains. Also see Links.

Domain
www.rxabbvie.com
hcp.loloestrin.com
www.facebook.com
www.instagram.com
www.fda.gov
www.abbvie.com
privacy.abbvie
www.onetrust.com

Subject Issuer	Validity	Valid
www.humira.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-05-14`	7 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-21` - `2024-05-21`	a year	crt.sh
*.tremorvideodsp.com Go Daddy Secure Certificate Authority - G2	`2022-12-03` - `2024-01-04`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
smetrics.abbvie.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-05-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
hb.yahoo.net R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.loloestrin.com/savings-card/activation
Frame ID: 10D8F5EEEF571D58D78349B3B4C1E602
Requests: 62 HTTP requests in this frame

Frame: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
Frame ID: 7F0F1F39FA4A3F0E3FCD5B0FB17C61FE
Requests: 50 HTTP requests in this frame

Frame: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
Frame ID: 2B38D1DE7002DE5EF985664843318B33
Requests: 23 HTTP requests in this frame

Frame: https://dpm.demdex.net/ibs:dpid=21&dpuuid=216843104714000057082
Frame ID: BEE472CF3528A66954B85194A337347D
Requests: 21 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com
Frame ID: 68DD8906497FD98526B1E5EE314D6BF9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu&co=aHR0cHM6Ly93d3cubG9sb2VzdHJpbi5jb206NDQz&hl=en&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=v7skm3p6ttx8
Frame ID: 608C2E8DB8A56B2E27121F3619E4EFE8
Requests: 8 HTTP requests in this frame

Frame: https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation
Frame ID: D7A0BA54E1097B3087C7A5FA44BC4FCC
Requests: 3 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__
Frame ID: 79BD08CA70CF47FD1CB6369AE0B77E2E
Requests: 6 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ade82443-9d89-4afa-be49-7a4d8948b742&u_scsid=c8a9d6a0-480f-44d0-ad8c-5a6f40f26d00&u_sclid=3d47a610-d9e6-410b-953e-b61e8b0b2a3a
Frame ID: F2DFDC0550BB5B0F881FE449560D0796
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu
Frame ID: F19007D389AE344C78D2EE50A2F6289D
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1700683571276&pnid=140&pcid=f32713d9-5785-4aad-be27-10d439216cfc
Frame ID: 7008EA319AE6B904A26544A98F103A3E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=30m8xed&ref=https%3A%2F%2Fwww.loloestrin.com%2F&upid=nf0cjwc&upv=1.1.0
Frame ID: 29FDDE2DAA9F5BC493C98738243A2B03
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315&google_gid=CAESEMpHl79dfSoiIt7weuOBFrA&google_cver=1
Frame ID: C653675DE427B458214707100E7FCCC3
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1SS1M3UmhKRTJ1R3U2VmJTOXN1TE5LanI1M0tpN3ZIVX5B&gdpr=0&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&dpid=55953
Frame ID: 1268E329473A50A49B8CA5C17C3626D0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=143344489344674133&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315
Frame ID: B47E119D6B51A0DF4ABC1A9194A812F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Savings Program Enrollment | Lo Loestrin® FeBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://reattest.loloestrin.com/ HTTP 301
https://www.allergansavingscard.com/loloestrin?guid=rd_pat_reattest_site_redirect_LOL124712 HTTP 301
https://www.loloestrin.com/savings-card/activation Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/
/etc\.clientlibs/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

186
Requests

87 %
HTTPS

11 %
IPv6

41
Domains

55
Subdomains

46
IPs

6
Countries

4079 kB
Transfer

13958 kB
Size

59
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rxabbvie.com/pdf/lo-loestrin-fe_pi.pdf#page=21
Title: Patient Information

Search URL Search Domain Scan URL

URL: https://www.rxabbvie.com/pdf/lo-loestrin-fe_pi.pdf
Title: Prescribing Information

Search URL Search Domain Scan URL

URL: https://hcp.loloestrin.com/?uid=05992c2bE1f1lm0g2y
Title: Healthcare Professionals

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LoLoestrinFe

Search URL Search Domain Scan URL

URL: https://www.instagram.com/loloestrinferx/

Search URL Search Domain Scan URL

URL: https://www.fda.gov/medwatch
Title: www.fda.gov/medwatch

Search URL Search Domain Scan URL

URL: https://www.abbvie.com/termsofuse.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://privacy.abbvie/
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.abbvie.com/contactus.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.abbvie.com/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reattest.loloestrin.com/ HTTP 301
https://www.allergansavingscard.com/loloestrin?guid=rd_pat_reattest_site_redirect_LOL124712 HTTP 301
https://www.loloestrin.com/savings-card/activation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=92232215453143947243277430175639391371 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZWU3ZAAAAJOCDANx

Request Chain 52

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=92232215453143947243277430175639391371 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=216843104714000057082

Request Chain 54

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2942070683537599134

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTIyMzIyMTU0NTMxNDM5NDcyNDMyNzc0MzAxNzU2MzkzOTEzNzE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTIyMzIyMTU0NTMxNDM5NDcyNDMyNzc0MzAxNzU2MzkzOTEzNzE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI46TU14Wp5s5zxDaA6lMtc&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 57

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.loloestrin.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.loloestrin.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a77df7d4-51a7-4f0c-9337-6b0287c29315

Request Chain 59

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=92232215453143947243277430175639391371&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=92232215453143947243277430175639391371&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cV6CTVhE2pEt8og9nFIvjL.eN7eDPC3vWEw-~A

Request Chain 60

https://aorta.clickagy.com/pixel.gif?ch=124&cm=92232215453143947243277430175639391371&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:f16e0eb4f1c695c40d95f6bc7b8f8d10

Request Chain 62

https://usermatch.krxd.net/um/v2?partner=adobe&id=92232215453143947243277430175639391371 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=92232215453143947243277430175639391371

Request Chain 63

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=92232215453143947243277430175639391371?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 64

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WldVM1pBQUFBSk9DREFOeA==

Request Chain 65

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZWU3ZAAAAJOCDANx&expires=90

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx&C=1

Request Chain 67

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZWU3ZAAAAJOCDANx HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZWU3ZAAAAJOCDANx

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWU3ZAAAAJOCDANx HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZWU3ZAAAAJOCDANx

Request Chain 69

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZWU3ZAAAAJOCDANx

Request Chain 70

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZWU3ZAAAAJOCDANx&img=1

Request Chain 71

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZWU3ZAAAAJOCDANx&t=2592000&o=0

Request Chain 72

https://pixel.onaudience.com/?partner=130&mapped=92232215453143947243277430175639391371&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

Request Chain 128

https://4169376.fls.doubleclick.net/activityi;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation HTTP 302
https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation

Request Chain 168

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1701132134344&u_scsid=a2c96ae2-0850-4c42-b5a6-5c13fae42840&u_sclid=a2959382-9441-487f-a768-8c582564c7bb HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1700683571276%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1700683571276%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1700683571276&pnid=140&pcid=f32713d9-5785-4aad-be27-10d439216cfc

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTc3ZGY3ZDQtNTFhNy00ZjBjLTkzMzctNmIwMjg3YzI5MzE1&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315&google_gid=CAESEMpHl79dfSoiIt7weuOBFrA&google_cver=1

Request Chain 180

https://ups.analytics.yahoo.com/ups/55953/sync?uid=a77df7d4-51a7-4f0c-9337-6b0287c29315&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1SS1M3UmhKRTJ1R3U2VmJTOXN1TE5LanI1M0tpN3ZIVX5B&gdpr=0&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&dpid=55953

Request Chain 181

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=143344489344674133&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315

186 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request activation Show response
www.loloestrin.com/savings-card/
Redirect Chain

http://reattest.loloestrin.com/
https://www.allergansavingscard.com/loloestrin?guid=rd_pat_reattest_site_redirect_LOL124712
https://www.loloestrin.com/savings-card/activation

96 KB
19 KB

510ms
498ms

Document
text/html

18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a4021872b5faba47d487c375fa1fa9a8366dae03490741972c610ff54d6f581c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, s-maxage=86400 no-cache="set-cookie"
content-encoding: gzip
content-length: 18489
content-type: text/html;charset=utf-8
date: Tue, 28 Nov 2023 00:42:10 GMT
etag: "17e11-60b26f2284c9c-gzip"
last-modified: Mon, 27 Nov 2023 19:02:39 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-id: 1Rg8Ra_bff4ChFo4BZVfuiz8FFQ48dqezbMz0hbYq6LSbpsLLflwYQ==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish

Redirect headers

cache-control: no-cache="set-cookie"
content-length: 258
content-type: text/html; charset=iso-8859-1
date: Tue, 28 Nov 2023 00:42:10 GMT
location: https://www.loloestrin.com/savings-card/activation
server: Apache
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-id: xGuJqpHisD-03NkuQvbkXQOqQbCyq0xVyDXuYz0rtIbthvK8-iq_ww==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H2 200 clientlib.min.d2454d9f632f1f286ab2bca6de3f7e29.js Show response
www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/plugins/ 88 KB
31 KB 158ms
157ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/plugins/clientlib.min.d2454d9f632f1f286ab2bca6de3f7e29.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

bedd21590b00f58ad33b7733409968ff6542237b8e9de82a6b7cf120246889fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Mon, 27 Nov 2023 19:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 18867
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 31319
last-modified: Fri, 10 Feb 2023 19:08:59 GMT
server: Apache
etag: "16064-5f45d3ac9e8c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: YF9lNRd5a1Tj8bQMcus3fskOwFFuqi1lO7SIlSHqvIzWxBFtrBW0RA==

GET
H2 200 css-clientlib-all.min.7627c27d174a7f2ef94afcc71b8aef66.css
www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/ 240 KB
36 KB 102ms
102ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/css-clientlib-all.min.7627c27d174a7f2ef94afcc71b8aef66.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

feeae3c9f726f2775030a6e50b07f1e76921697018fb95b261f13e14d7408a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Mon, 27 Nov 2023 19:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 18867
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 36263
last-modified: Mon, 27 Nov 2023 18:17:12 GMT
server: Apache
etag: "3bfb0-60b264f939a00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: VxSzdm_cZnDqUGAi9OqSIZyJCsxQ2HXXQON2WPF2BTZWQC3h2lUzTA==

GET
H2 200 loloestrin.css
www.loloestrin.com/content/dam/loloestrin/css/ 685 KB
60 KB 185ms
184ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

47437fc59bb566bdc8582269237b5f8e98967bb07159fe325d6f0abc79e21e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Mon, 27 Nov 2023 19:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 18867
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 60949
last-modified: Tue, 03 Oct 2023 09:30:09 GMT
server: Apache
etag: "ab40d-606cc896d4a40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: RYg7yZiccpSXUZQHIKHyo3BfyLsJZms2_NbjLcVQMYuOElK6bLSd9A==

GET
H2 200 lolo-savings-program.css
www.loloestrin.com/content/dam/loloestrin/css/ 6 KB
2 KB 425ms
425ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/content/dam/loloestrin/css/lolo-savings-program.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

da5084386f6409a04b7f695f0e769e87ef03b0e117b7f23ed25e2d581320d665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 1195
last-modified: Fri, 22 Sep 2023 05:32:29 GMT
server: Apache
etag: "17ae-605ebef35d540-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: LDafuF836ow1lPhuO2OP2PdvWzO9ZwjSXKrbsJn-ne0TLVs0qEIxxw==

GET
H2 200 launch-450e00021d4f.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/ 1 MB
207 KB 439ms
31ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 56a5b60a73cd2fa22af5a3d057a803035ba79062643d01bcd7b6fbfb4d6367dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:20 GMT
server: AkamaiNetStorage
etag: "50f93d1f7e4a93a7fd204f5b604a5d5d:1700719940.467172"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 211618
expires: Tue, 28 Nov 2023 01:42:12 GMT

GET
H2 200 lo-loestrin-fe-norethindrone-acetate-ethinyl-estradiol-tablets-ethinyl-estradiol-tablets-ferrous-fum.png
www.loloestrin.com/content/dam/loloestrin/images/logo/ 30 KB
31 KB 432ms
432ms Image
image/png 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/logo/lo-loestrin-fe-norethindrone-acetate-ethinyl-estradiol-tablets-ethinyl-estradiol-tablets-ferrous-fum.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a425662c57b1b8b431c5ec9cbfab50034d987f02906aa71d38a0e9308de50041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 30797
last-modified: Thu, 05 Jan 2023 10:15:20 GMT
server: Apache
etag: "784d-5f18194053e00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: jKGh7ivKk0FMdIDfms-cbeMO3D8ewnjfGk6TPHp-T1Tt-0VDQ0vnDw==

GET
H2 200 iframeResizer.min.9b797f1f5fc075d8fb70c01ad90030aa.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/ 12 KB
5 KB 415ms
414ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/iframeResizer.min.9b797f1f5fc075d8fb70c01ad90030aa.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

c565650c32a528c09b33ac25c901da58ab9a0d21c42442697931c6e1e2e9a601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 4765
last-modified: Wed, 18 Jan 2023 23:44:38 GMT
server: Apache
etag: "2e0d-5f292663d6580-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: A_aIS4lGVeSlWSbnCe2qWZ7u1NYh0Z4ROipuru4BWUqP05SLIuJr-w==

GET
H2 200 formapp.min.e1f830cf54aef8d08cf10bb83ba01acd.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/ 16 B
460 B 419ms
419ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/formapp.min.e1f830cf54aef8d08cf10bb83ba01acd.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

56bba22cfb91420da5617d5798f7109995a02709ab2b24638aab648e93a74f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 16
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "10-593eb6ead44c0"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: fr9vyc1UF67rxRKY86lkrvYb_4hi5fQylCrxrfUOWUU-aHa0DplX1g==

GET
H2 200 formapp.min.9e0f0b02dcc1cacaf62040ad09b59263.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/ 3 KB
2 KB 132ms
131ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/formapp.min.9e0f0b02dcc1cacaf62040ad09b59263.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

1625a425e13dc98d675cc89937ec8058c82a5c14541509674c8fe13894c73382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 1109
last-modified: Wed, 18 Jan 2023 23:44:38 GMT
server: Apache
etag: "cd8-5f292663d6580-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: 87vMQJy7du-fQSfTWWayhKgPvGyuoU-8fvUSy3nIwT98QLqkie-rig==

GET
H2 200 clientlib-component.min.88a8613c1d8142e017efb4ec8e3ccb40.js Show response
www.loloestrin.com/etc.clientlibs/common-elements/v1/components/content/container/ 1 KB
1 KB 51ms
51ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/common-elements/v1/components/content/container/clientlib-component.min.88a8613c1d8142e017efb4ec8e3ccb40.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6631454376a4f4e17e347cf3885fd6626d6be356b0b28517215e83d0eedc1c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Mon, 27 Nov 2023 19:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 18868
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 529
last-modified: Fri, 10 Feb 2023 19:08:58 GMT
server: Apache
etag: "5f4-5f45d3abaa680-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: e4wO0G9VhyIo-SWuB2BpcAhLHIGoxr6sDVkwsB_P4zrSQIxtnCM-yA==

GET
H2 200 lolo_logo_tc.png
www.loloestrin.com/content/dam/loloestrin/images/logo/ 18 KB
19 KB 424ms
424ms Image
image/png 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/logo/lolo_logo_tc.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

d504d5f904e308c4dc701b090b25fa02ffe4e3d8b2e5085f1aa619d142f4c3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 18592
last-modified: Wed, 18 Jan 2023 08:31:01 GMT
server: Apache
etag: "48a0-5f285a2e45b40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: z2Lxi2aIdszhxaaay53994ltwkExk-0kCXTwoElCd3VZFzxhpH9CRQ==

GET
H2 200 components.min.990041d9859c95c454dcd58e4da4fbda.js Show response
www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/ 138 KB
38 KB 50ms
50ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/components.min.990041d9859c95c454dcd58e4da4fbda.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

617b6505d667af18dddef3c8222ec63e685bafc94906e549d50d045a7f18623e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Mon, 27 Nov 2023 19:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 18868
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 38507
last-modified: Mon, 27 Nov 2023 18:17:12 GMT
server: Apache
etag: "22702-60b264f939a00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: yJ_8pcX5bdUNIfjWyzDP8hQlpoedCkkiLyVcjd3rm9eA5fZkkhHIjg==

GET
H2 200 aui5pue.css
use.typekit.net/ 6 KB
1 KB 612ms
154ms Stylesheet
text/css 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/aui5pue.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-24-77-156.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f642efd7411b17d6a89b07ad4f986f5d6caf09e5bacb98ea251d5101b57233de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 28 Nov 2023 00:42:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 975

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 429ms
32ms Stylesheet
text/css 184.24.77.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=aui5pue&ht=tk&f=139.173.175.13407.15498.15506.15510.37396&a=69843321&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/aui5pue.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:11 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 aemform.iframe.en.html Show response
www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/ Frame 7F0F 280 KB
26 KB 465ms
464ms Document
text/html 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

398c810eef105d9a424018ce34724150222dd7e9d9f11093cdebfe16ad57fb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Referer: https://www.loloestrin.com/savings-card/activation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 26156
content-type: text/html;charset=utf-8
date: Tue, 28 Nov 2023 00:42:12 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-id: zBiJQp25DJEV97Dj9stBRgpXIE5UdQlBApziPS2D-IFdzXNd5ehMvA==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN SAMEORIGIN
x-vhost: publish

GET
H2 200 viewer Show response
drive.google.com/viewerng/ Frame 2B38 9 KB
4 KB 910ms
452ms Document
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

GSE /

Resource Hash

e549f1ce1b74e9d0791a60cb5864596a6e5f5d5d20f76557fc958303d1fed5f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y0gIMYjQlrdK8EN5DmLtXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y0gIMYjQlrdK8EN5DmLtXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Tue, 28 Nov 2023 00:42:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/logo/lo-loestrin-fe-norethindrone-acetate-ethinyl-estradiol-tablets-ethinyl-estradiol-tablets-ferrous-fum.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a425662c57b1b8b431c5ec9cbfab50034d987f02906aa71d38a0e9308de50041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 30797
last-modified: Thu, 05 Jan 2023 10:15:20 GMT
server: Apache
etag: "784d-5f18194053e00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: n549jcWEBpSPUHXxJIPyfgb_AFw9Qw0p5SFPgt9Z3QIo0FDv6FKTyQ==

GET
H2 200 lolo-fb-vector.png
www.loloestrin.com/content/dam/loloestrin/images/icon/ 5 KB
5 KB 129ms
128ms Image
image/png 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/icon/lolo-fb-vector.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

23d7949eed9b2fa0876201f1b2877b6975b52ee5f508de207646ecbf320f369f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 4696
last-modified: Wed, 09 Nov 2022 23:34:20 GMT
server: Apache
etag: "1258-5ed1218833700"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: MftQ8XEoHxmFPwiGc6avM0zu0WpyMjLQh20CJiWp-Ob8Fjt9-z0ffA==

GET
H2 200 lolo-insta-vector.png
www.loloestrin.com/content/dam/loloestrin/images/icon/ 5 KB
6 KB 415ms
415ms Image
image/png 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/icon/lolo-insta-vector.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

f6b86a9f9e78e8d5befc3898dd9898d77ad7378a3dfb8c0f8bf0dfd306f62861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 5359
last-modified: Wed, 09 Nov 2022 23:34:21 GMT
server: Apache
etag: "14ef-5ed1218927940"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: 2Ch2fOQamH_MKRg9vNXWMngBAeZXNrPhpIq7xUVbsjq0L7eLiRnXIg==

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 483ms
31ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 524ms
72ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
server: nginx
etag: "d6bfc4d27afeb61a1128d9c149ee5ed369aa27c3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 abbv_iconFont.woff
www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/framework/ui/fonts/ 42 KB
21 KB 158ms
157ms Font
application/x-font-woff 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/framework/ui/fonts/abbv_iconFont.woff

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/css-clientlib-all.min.7627c27d174a7f2ef94afcc71b8aef66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

98224c7dc793e670e557a96221339918cc205d4fc8829a96ba66d44035f63d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.loloestrin.com/etc/clientlibs/common-elements/clientlibs/v1/css-clientlib-all.min.7627c27d174a7f2ef94afcc71b8aef66.css
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 20855
last-modified: Wed, 16 Oct 2019 22:02:52 GMT
server: Apache
etag: "a9e0-5950e4322fb00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-woff
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: BuFJZrfx_48Ya7u6uH20nrkqQvbGkeD2zKMjFRCSWmOyLH4MIKgL3w==

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 16 KB
17 KB 533ms
82ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=2&fvd=n6&v=3
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/loloestrin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
server: nginx
etag: "f7ba7c34d63f92790ab459c7b134839b4c87ad09"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16744

GET
H2 200 l
use.typekit.net/af/5804aa/00000000000000007735c3d4/30/ 14 KB
14 KB 543ms
91ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5804aa/00000000000000007735c3d4/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/aui5pue.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c6d0284bf70d7e02523f93337303bb3be3b6b5e92ff49dba2ed848d6dfc40a37

Request headers

Referer: https://use.typekit.net/aui5pue.css
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
server: nginx
etag: "f2165abf9a2635db4a57a59498c358ea343e77c8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14636

GET
H2 200 Offer.svg
www.loloestrin.com/content/dam/loloestrin/images/ 18 KB
7 KB 357ms
357ms Image
image/svg+xml 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/Offer.svg

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

5acf7eeee1f06a2cc25b8785051fcb9cff772cdeb82dcda7dee657ccb3b2828c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-disposition: attachment; filename="Offer.svg"
content-length: 6143
last-modified: Mon, 27 Feb 2023 09:07:54 GMT
server: Apache
etag: "4766-5f5aad0730e80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: vdwQNLmfV6kVghaFZmL2KxmhwireGOWja-_LDF8WCSiHjnlFvjEePA==

GET
H2 200 AbbVieLogo-Preferred-White.png
www.loloestrin.com/content/dam/loloestrin/images/logo/ 17 KB
18 KB 144ms
144ms Image
image/png 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/content/dam/loloestrin/images/logo/AbbVieLogo-Preferred-White.png

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6101e985d41f31fcdc65993ac356df0521cbcabfe0fdee8cda781e0610745eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/savings-card/activation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 17423
last-modified: Mon, 09 Jan 2023 14:38:04 GMT
server: Apache
etag: "440f-5f1d5b6fe4b00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: y6ILB_L9ogSz9B6nnQZtS6475CXGtZ1fyICgN_a6yw6iNiZ676yQrg==

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 6 KB
2 KB 160ms
59ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=b791e209-fe33-49f3-bbab-c7ddea8e12b6

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

54ae7afdb312f859dcdd472bf4ff167c168f2af17a95401bde73cc689471d80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/savings-card/activation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: b791e209-fe33-49f3-bbab-c7ddea8e12b6

GET
H2 200 iframeContentResizer.min.6a2625c6a4792200d2a0357418974291.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/ Frame 7F0F 183 B
622 B 330ms
325ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/iframeContentResizer.min.6a2625c6a4792200d2a0357418974291.css

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

cf5a208271a62cd706a7de3f41cbabaae530d7b33b8d6fbbcff6faa8933cc51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 138
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "b7-593eb6ead44c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: UfYW5puspu3UswOP_LZD3RSJLNtGdXfqOocztoOfN6j3_I-cfcOKnw==

GET
H2 200 iframeContentResizer.min.653d043f9e5ea8e1f5195f8543a92c3d.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/ Frame 7F0F 13 KB
5 KB 333ms
328ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/aemformcontainer/third-party/iframeContentResizer.min.653d043f9e5ea8e1f5195f8543a92c3d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6e496092fa5b06d0652cd3abfafeef6194602a9f2e7339e6529536a3e6a6fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 5016
last-modified: Wed, 18 Jan 2023 23:44:38 GMT
server: Apache
etag: "340e-5f292663d6580-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: SjgleFmcDFW-VEkuznaTHB81XeJj8xAYLM_7jV5f9t8d8t7nCoMk2w==

GET
H2 200 core.min.240438958c3e80245e573831f0bce282.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/ Frame 7F0F 1 KB
923 B 141ms
137ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/core.min.240438958c3e80245e573831f0bce282.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6b267ae7688c8897f3ed055b71094b1f07554a53c33f9f7fd9ba3f48311c3e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 438
last-modified: Wed, 18 Jan 2023 23:44:38 GMT
server: Apache
etag: "51b-5f292663d6580-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: _5pr3lEvr4bh_LEkswbrqwzpSryYfx7wvP6tEskGu77-N-N6hr0hfw==

GET
H2 200 en.min.44187caf9b0f2fb5ae3e6d561d8d3e50.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/I18N/ Frame 7F0F 251 KB
76 KB 428ms
423ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/I18N/en.min.44187caf9b0f2fb5ae3e6d561d8d3e50.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

cb7d4fa6ae031d186746232dc5ca448396f3a66f2c491589bd115f8e97ce2b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
last-modified: Wed, 18 Jan 2023 23:44:53 GMT
server: Apache
etag: "3ecbd-5f29267224740-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: dz8pdickV4-qTkwH15L5TiaZ37rqXcEJlnHuj2Vj6xj5gZngoEtgSw==

GET
H2 200 framework.min.d41d8cd98f00b204e9800998ecf8427e.js Show response
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 0
470 B 329ms
324ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/framework.min.d41d8cd98f00b204e9800998ecf8427e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 0
last-modified: Tue, 10 Mar 2020 14:19:45 GMT
server: Apache
etag: "0-5a080cfbbc240"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: crR6PI7INWCkFGnXwPsa_AaV_PuWQwb6mLW3WtrGxDhosDVp8ZhvOQ==

GET
H2 200 components.min.a348370b890570de84577e6133a5758e.js Show response
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 79 KB
17 KB 139ms
135ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/components.min.a348370b890570de84577e6133a5758e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b8a5b04adf1980122f9a66c585265c7b5016356cd0cf573084d4d6d830cf4619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 16706
last-modified: Wed, 08 Nov 2023 18:53:10 GMT
server: Apache
etag: "13d49-609a89937f180-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: DrAMwK76GX00YR5454TmhHc0ptz3aQXv3DJ8zEZfVQvdCsfVhU9aEw==

GET
H2 200 base.min.ebe42b63fd60589bc2b13f5f1bf0bf12.js Show response
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 392 KB
73 KB 144ms
140ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/base.min.ebe42b63fd60589bc2b13f5f1bf0bf12.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

cfd45460079db46add4401c76314089a69c608eb1c15b26289218bb0e56b9bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
last-modified: Mon, 27 Nov 2023 18:15:02 GMT
server: Apache
etag: "61f4a-60b2647d3f580-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: oNshES5KZc21756CS7nWpYPiJxSPNUSsfDIlL4HwqIxfUVUadv2L5w==

GET
H2 200 guideRuntime.min.2452c1bb1bfbe2cbf69e4f55d3e12a8c.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/ Frame 7F0F 7 KB
2 KB 327ms
323ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guideRuntime.min.2452c1bb1bfbe2cbf69e4f55d3e12a8c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

2315f717fc23e2ee29c923123faf154502a9b27a1438a5d3af9e94c2804e0c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 1856
last-modified: Wed, 18 Jan 2023 23:44:53 GMT
server: Apache
etag: "1c94-5f29267224740-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: ipRXXkIue1V87IJJZnPwp8wqUrlI7xt8l890gvCOalqfh-DqUyfCQw==

GET
H2 200 csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js Show response
www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/ Frame 7F0F 5 KB
2 KB 146ms
142ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

5c2069789c2150a899bdf1d9dc8f28606248fb43f97de95e9d771405aea5347f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 1894
last-modified: Wed, 02 Oct 2019 11:03:45 GMT
server: Apache
etag: "13bb-593eb6c2c6640-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: bFSZ--YleQADoKuQZDlmLedDuDPW_ujdWKFbbLHHiL4nbv4N-7PHwQ==

GET
H2 200 guideChartReducer.min.122eb9761ea30e5a5ddf94243246fbd3.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/ Frame 7F0F 1 KB
958 B 340ms
337ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guideChartReducer.min.122eb9761ea30e5a5ddf94243246fbd3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

0934baa78ed8f46faf74cf2f48f2ea0c09ec1e85b9da6d95cc847ddb35915e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 462
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "5c0-593eb6ead44c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: 4X3LQMAxQKcynu4EiGAZv2KNdkeILeXOAJSdJQJM4oVv-uTgrVySvA==

GET
H2 200 guideRuntime.min.4e4834647557f26c52dec877fec2a201.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/ Frame 7F0F 731 KB
167 KB 342ms
340ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guideRuntime.min.4e4834647557f26c52dec877fec2a201.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e4239a31579aae67392841bc05cd4089491dc85e59e4f77115900b1fc0fe57f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
last-modified: Wed, 18 Jan 2023 23:44:53 GMT
server: Apache
etag: "b6ba3-5f29267224740-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: uG-98Lt3ijodTqJb_0UgzuAzA1HAYsEE6Qh-fu4nnkQy15b42eSGyA==

GET
H2 200 widgets.min.dc0a050433ba8fe6afe7f45ce73c03f7.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/ Frame 7F0F 8 KB
2 KB 133ms
130ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/widgets.min.dc0a050433ba8fe6afe7f45ce73c03f7.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

94a71156a5d39b0e0a5a748d1f79e39a1a63c447e9cd19809a345e02e7a2ac36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 1685
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "1f72-593eb6ead44c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: ERBM5Zb_8kUWxg2BRk92opTnIu0zg1HBP2DvUTWi6WKVXj56R4Okig==

GET
H2 200 widgets.min.ef1ea3c65d91222219f0183777c8f1f7.js Show response
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/ Frame 7F0F 47 KB
13 KB 341ms
339ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/widgets.min.ef1ea3c65d91222219f0183777c8f1f7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

325d7728a4a32b2ee608f6dc8e032b61ba4096115ed4fce08cdf7e7c03685294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 13243
last-modified: Wed, 08 Mar 2023 15:42:10 GMT
server: Apache
etag: "bb65-5f6655f075880-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: J3rD54b7QmSMEWWQ1pVKnsJ4j1g1z52lWq-gU7XKwtyVUnpf8a7LjQ==

GET
H2 200 timebased.min.6e474a19023786a03f769ed209e32753.js Show response
www.loloestrin.com/etc.clientlibs/fd/fp/components/clientlibs/autosave/strategies/ Frame 7F0F 2 KB
1 KB 313ms
311ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/fp/components/clientlibs/autosave/strategies/timebased.min.6e474a19023786a03f769ed209e32753.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

2dbef786ae6e4df752314774f57ebf3d14569f3fa6aa26a387c88903605f3813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 736
last-modified: Wed, 02 Oct 2019 11:03:22 GMT
server: Apache
etag: "8de-593eb6acd7280-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: lWhPOZB5kTX6dOMqkYh0mFabsBJ19bZBxj8GEmMocK4Qkwh-AVYuSQ==

GET
H2 200 noConflict.min.9823628fe9bf6fd40c9f84ff8cbc189c.js Show response
www.loloestrin.com/etc.clientlibs/fd/xfaforms/clientlibs/ Frame 7F0F 182 B
590 B 137ms
136ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/xfaforms/clientlibs/noConflict.min.9823628fe9bf6fd40c9f84ff8cbc189c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

679ae9f84783f460006e08489ce63f29ff598a6ef92036f3b028327858aab26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 97
last-modified: Wed, 02 Oct 2019 11:03:23 GMT
server: Apache
etag: "b6-593eb6adcb4c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: yMMYY-WA1kkrAidvwsFwm6sxJ8NP9JrXiG-PLQ0ShZT-xF2iVe6Xqg==

GET
H2 200 contentpage.min.ea2c4b1adf4b8fcadc9f1c578a1dd457.css
www.loloestrin.com/etc.clientlibs/fd/channelcore/clientlibs/ Frame 7F0F 571 B
671 B 134ms
133ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/channelcore/clientlibs/contentpage.min.ea2c4b1adf4b8fcadc9f1c578a1dd457.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

3ecffa256d55f5b142108a2e9b68c3d21e2ff3a34a8a0639d908368205b09407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 187
last-modified: Wed, 02 Oct 2019 11:03:32 GMT
server: Apache
etag: "23b-593eb6b660900-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: pKArQB1opOvXmp2zOhQ84Y94lpJuDZeQnAOYlEQDai_wNds17FopmA==

GET
H2 200 common.min.da9e6770f7ffb2f52d92b932080f3247.css
www.loloestrin.com/etc.clientlibs/fd/afaddon/clientlibs/adobesign/ Frame 7F0F 862 B
820 B 320ms
319ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/afaddon/clientlibs/adobesign/common.min.da9e6770f7ffb2f52d92b932080f3247.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

3f87b1b70981138c316da9e6fa6a2b43950bf9471720cd530fdb86fbba99decf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 334
last-modified: Wed, 02 Oct 2019 14:39:02 GMT
server: Apache
etag: "35e-593ee6e162d80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: iSxL8VXMHFqIBQKBXveTdokDFoqFQb-gBKtmkIQV-RirYgrJiU_Qsw==

GET
H2 200 common.min.f30f8fff03f98cd3215c5aae37a7ff62.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/ Frame 7F0F 67 KB
12 KB 316ms
315ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/common.min.f30f8fff03f98cd3215c5aae37a7ff62.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

d0f055d1c0822f2a6973c50e600860239a7934d7840aa87c164488c0152bbe7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 12192
last-modified: Wed, 18 Jan 2023 23:44:53 GMT
server: Apache
etag: "10bc2-5f29267224740-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: uKH0ydLD-0iWR96GVvEMLf7bLanIIX2gBCiTdDbwuWy5QAHIJ_rBLA==

GET
H2 200 common.min.7070f1b25f6191a438378d5397fc6487.css
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/legacy/620/ Frame 7F0F 2 KB
968 B 310ms
309ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/legacy/620/common.min.7070f1b25f6191a438378d5397fc6487.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a0187623f36e60dc42b459d7e98e3cce91487a719a577caaeade0cb3753cc4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 482
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "6b8-593eb6ead44c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: fNLiN7bi0W5WaA5PJwFVTgRiUfW1VyD-kkKS5zhEyEyJ7-zpzXGjFw==

GET
H2 200 admp-forms-base-theme.min.5866b05c80115e485881ddb0f8daefaa.css
www.loloestrin.com/etc/clientlibs/fd/themes/admp/ Frame 7F0F 79 KB
13 KB 323ms
322ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/fd/themes/admp/admp-forms-base-theme.min.5866b05c80115e485881ddb0f8daefaa.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e6107f7ecd73f873ec463e5047ba642205eefe9e501edf3d553f0ea41443818d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 12551
last-modified: Wed, 08 Nov 2023 18:53:10 GMT
server: Apache
etag: "13aa5-609a89937f180-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: 41jf0i_gEPGeO9mHTVurM06ZmZAnrgiZ19Aq1kXe1fQ5opnEm3vA0w==

GET
H2 200 lolo-savings-program.css
www.loloestrin.com/content/dam/loloestrin/css/forms/ Frame 7F0F 19 KB
3 KB 313ms
313ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/content/dam/loloestrin/css/forms/lolo-savings-program.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

2b677626e40f9275634ad8e2e6f35512f425ede2e07df85a6e3ab25eaef19816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 2832
last-modified: Fri, 22 Sep 2023 08:35:17 GMT
server: Apache
etag: "4b3b-605ee7cf43b40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: 689q_hH-HupjlPV2n01EkJQIeBgfHdD4bNFUKqAlMhbktwQvo0fYew==

GET
H2 200 framework.min.f6153601e2b120014b12299b7577c349.css
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 44 KB
6 KB 321ms
320ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/framework.min.f6153601e2b120014b12299b7577c349.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

2e493828b1fc7bb1b993c258808f621f7cf6c2963768d9b4a2ae9b057e07f4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 5244
last-modified: Fri, 24 Feb 2023 19:01:41 GMT
server: Apache
etag: "ae8e-5f576c275cf40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: 7QKENF6umOqBOATlbbDBQVTuoPaGI3pzEv4sDJjYHxQSdtr7oODZ6g==

GET
H2 200 components.min.16549365e3caf546ce0024a7d92f319b.css
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 18 KB
4 KB 311ms
310ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/components.min.16549365e3caf546ce0024a7d92f319b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

14a623315553370fe83110c65e3a7b36c259fbc78700b02f907bc76b7083d04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 3870
last-modified: Fri, 25 Aug 2023 18:35:39 GMT
server: Apache
etag: "49ec-603c39c79d4c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: SvKuKOiSyFXGFRGajTw8lUtAkMCK9Z_UEjFemPY-iYPq9Zo1OS1PEg==

GET
H2 200 base.min.d41d8cd98f00b204e9800998ecf8427e.css
www.loloestrin.com/etc/clientlibs/abbvieforms/v1/ Frame 7F0F 0
460 B 128ms
128ms Stylesheet
text/css 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/etc/clientlibs/abbvieforms/v1/base.min.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 0
last-modified: Tue, 10 Mar 2020 14:20:37 GMT
server: Apache
etag: "0-5a080d2d53740"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=432000, s-maxage=2592000
accept-ranges: bytes
x-amz-cf-id: wggW2Mq4VIi_RPMkUYc-NjzpQ-P1RnUZ0opqO_Ke4rDk0ZjXHdb0Qw==

GET
H2

200

ibs:dpid=411&dpuuid=ZWU3ZAAAAJOCDANx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=92232215453143947243277430175639391371
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZWU3ZAAAAJOCDANx

42 B
717 B

48ms
48ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZWU3ZAAAAJOCDANx

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-039b58785.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: qbIBQQd4TCc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZWU3ZAAAAJOCDANx
Date: Tue, 28 Nov 2023 00:42:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

200

ibs:dpid=21&dpuuid=216843104714000057082
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=92232215453143947243277430175639391371
https://dpm.demdex.net/ibs:dpid=21&dpuuid=216843104714000057082

42 B
717 B

168ms
43ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=216843104714000057082

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-005ca7536.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: GLReuNSXTb4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=216843104714000057082
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame BEE4 0
98 B 116ms
36ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=92232215453143947243277430175639391371
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

ibs:dpid=470&dpuuid=2942070683537599134
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2942070683537599134

42 B
717 B

49ms
49ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2942070683537599134

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-00cd77fef.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: aKABpQo6QSU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2942070683537599134
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

ibs:dpid=771&dpuuid=CAESEI46TU14Wp5s5zxDaA6lMtc&google_cver=1
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTIyMzIyMTU0NTMxNDM5NDcyNDMyNzc0MzAxNzU2MzkzOTEzNzE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTIyMzIyMTU0NTMxNDM5NDcyNDMyNzc0MzAxNzU2MzkzOTEzNzE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI46TU14Wp5s5zxDaA6lMtc&google_cver=1?gdpr=0&gdpr_consent=

42 B
718 B

121ms
42ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI46TU14Wp5s5zxDaA6lMtc&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0a36f617d.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: jidn5AqDQ8s=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI46TU14Wp5s5zxDaA6lMtc&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame BEE4 43 B
205 B 808ms
379ms Image
image/gif 172.64.151.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=92232215453143947243277430175639391371
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.64.151.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 20 Jun 2023 14:57:18 GMT
server: cloudflare
etag: "6491be4e-2b"
content-type: image/gif
accept-ranges: bytes
cf-ray: 82ce91d71ffc367a-FRA
content-length: 43

GET
H2

200

ibs:dpid=903&dpuuid=a77df7d4-51a7-4f0c-9337-6b0287c29315
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.loloestrin.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.loloestrin.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a77df7d4-51a7-4f0c-9337-6b0287c29315

42 B
717 B

42ms
42ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=a77df7d4-51a7-4f0c-9337-6b0287c29315

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0a8662b63.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: BaNdjPEFQxU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=a77df7d4-51a7-4f0c-9337-6b0287c29315
date: Tue, 28 Nov 2023 00:42:12 GMT
server: Kestrel
content-length: 189

GET
H/1.1 404
Not Found uid
dt.scanscout.com/ssframework/ Frame BEE4 0
0 369ms
115ms Image
application/json 199.127.207.184
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.scanscout.com/ssframework/uid?UIAA=92232215453143947243277430175639391371&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.127.207.184 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2

200

ibs:dpid=30646
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=92232215453143947243277430175639391371&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=92232215453143947243277430175639391371&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cV6CTVhE2pEt8og9nFIvjL.eN7eDPC3vWEw-~A

42 B
717 B

141ms
44ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cV6CTVhE2pEt8og9nFIvjL.eN7eDPC3vWEw-~A

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ojVjH79uQoY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cV6CTVhE2pEt8og9nFIvjL.eN7eDPC3vWEw-~A
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

ibs:dpid=79908&dpuuid=c:f16e0eb4f1c695c40d95f6bc7b8f8d10
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=124&cm=92232215453143947243277430175639391371&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:f16e0eb4f1c695c40d95f6bc7b8f8d10

42 B
728 B

43ms
42ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:f16e0eb4f1c695c40d95f6bc7b8f8d10

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-06164c850.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Lk0H3l1GRO0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 28 Nov 2023 00:42:12 GMT
server: Aorta/20231117.93abd8dbd
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:f16e0eb4f1c695c40d95f6bc7b8f8d10
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 892c44eea1f9
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 204 CookieSyncAdobe
rtb.adentifi.com/ Frame BEE4 0
35 B 384ms
118ms Image
text/plain 3.228.144.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.144.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-144-86.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BEE4
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=92232215453143947243277430175639391371
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=92232215453143947243277430175639391371

0
338 B

266ms
106ms

Image
text/plain

52.16.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=92232215453143947243277430175639391371
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Server: 52.16.155.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-155-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Tue, 28 Nov 2023 00:42:13 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1701132133
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=92232215453143947243277430175639391371
date: Tue, 28 Nov 2023 00:42:13 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H2

200

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=92232215453143947243277430175639391371?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
731 B

54ms
54ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 07/izdXISFI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.5.26
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WldVM1pBQUFBSk9DREFOeA==

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WldVM1pBQUFBSk9DREFOeA==

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701132133.936770,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WldVM1pBQUFBSk9DREFOeA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZWU3ZAAAAJOCDANx&expires=90

42 B
755 B

176ms
29ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZWU3ZAAAAJOCDANx&expires=90
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ef823186f233724f4775c0c4b9549d14
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701132133.936766,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZWU3ZAAAAJOCDANx&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx&C=1

43 B
332 B

43ms
42ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx&C=1
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MPpKhYOHR097qpXHazetBuYFj0DTTZAMbmsZ8t9hiKszRiGR%2FLBJt1TgeBkNv178D1tqOpBpENy2ChLtQYZ3g77I01REBte8r9HQOZEHF4IpPfAffpw0g2ZOeDhuVMeEQdst7xaaplqiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ce91d7fe3e1d8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBVtmuALyc7FVxx%2FPvNJwjCvfhUBi1qWsA4TT4EQzVhRfxbvIlMqqD1iNhdbUR8QEOnhQg7tACAw5sQ700dapL1jRSQEga8SFvfmOLAZs734Koo8r1z%2F3YUBdnlOXxyGiefwJqyCm8rpQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZWU3ZAAAAJOCDANx&C=1
cache-control: no-cache
cf-ray: 82ce91d79e031d8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

bounce
ib.adnxs.com/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZWU3ZAAAAJOCDANx
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZWU3ZAAAAJOCDANx

43 B
901 B

38ms
37ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZWU3ZAAAAJOCDANx

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
an-x-request-uuid: c22d5da1-935c-4be7-a8dd-50cb22029150
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
an-x-request-uuid: dcb58db2-f989-4636-83da-e38626f186fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZWU3ZAAAAJOCDANx
cache-control: no-store, no-cache, private
x-proxy-origin: 31.133.93.105; 31.133.93.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWU3ZAAAAJOCDANx
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZWU3ZAAAAJOCDANx

43 B
180 B

48ms
47ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZWU3ZAAAAJOCDANx
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZWU3ZAAAAJOCDANx
date: Tue, 28 Nov 2023 00:42:13 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZWU3ZAAAAJOCDANx

1 B
453 B

129ms
29ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZWU3ZAAAAJOCDANx
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 00:42:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701132133.961420,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZWU3ZAAAAJOCDANx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZWU3ZAAAAJOCDANx&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame BEE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZWU3ZAAAAJOCDANx&t=2592000&o=0

43 B
864 B

483ms
84ms

Image
image/gif

157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZWU3ZAAAAJOCDANx&t=2592000&o=0

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:42:13 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: public
x-fb-debug: 0zrQwWKHlNgKdX8Lo6SWHJumTy0TFvMJ974sQJFiv+4qPsXXbccCGS/C108OCDkZjR9IPKTpt5g6zV5uteedZA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Mon, 27 Nov 2023 16:42:13 PST

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701132133.961363,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZWU3ZAAAAJOCDANx&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame BEE4
Redirect Chain

https://pixel.onaudience.com/?partner=130&mapped=92232215453143947243277430175639391371&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

42 B
731 B

50ms
50ms

Image
image/gif

54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0be72ca59.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: yPo8ubCRTmM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length: 0

POST
H2 200 acquire Show response
smetrics.abbvie.com/ee/irl1/v1/identity/ 522 B
711 B 166ms
59ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.abbvie.com/ee/irl1/v1/identity/acquire?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=3fedbeca-53eb-443d-8c00-666d8a74d4ed

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

7d3984b8457aaf7fbfb77f09cdaddb44aa1ba3da391ef393867dee7b3959ffee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/savings-card/activation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 3fedbeca-53eb-443d-8c00-666d8a74d4ed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 497ms
71ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4169376

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c9eae6ece2a419cf5eb5b06e8914bf682cc72cd69a398699faf881a9a12802da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67264
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 00:42:13 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 452ms
50ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /EzX6ku1+i8ak28m1WuIrw==
age: 70462
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 17:38:25 GMT
server: cloudflare
etag: 0x8DBEB81D4AA9473
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7f5edf5c-201e-004a-17b1-1d9a0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91d9bedb3816-FRA

GET
H2 200 id Show response
dpm.demdex.net/ 5 KB
2 KB 140ms
42ms XHR
application/json 54.194.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?&d_orgid=C2C7C77B56E2C5147F000101@AdobeOrg&d_ver=2&d_mid=91821990879154193513308187678076119096

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.194.149.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-149-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e78ccb25f54d611789d04e4b472489e971c95e6de209eb18af0bd6a76dbafdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: gHVw9BRUQ3o=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.loloestrin.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1607
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 interact Show response
smetrics.abbvie.com/ee/irl1/v1/ 951 B
639 B 110ms
110ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.abbvie.com/ee/irl1/v1/interact?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=3eb37eea-7ef4-45b2-9737-16c27d0b7db4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

a0d4ff4980982a9a50d01fe29071f098e2724ea7d84292af6b41a0826c3040b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/savings-card/activation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 3eb37eea-7ef4-45b2-9737-16c27d0b7db4

GET
H2 200 rs=AC2dHMKYv7lzsefkG1DNIXkpR18WCu3Lxg
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.T_7tdSA8M9Q.L.W.O/am=EAY/d=0/ Frame 2B38 426 KB
53 KB 497ms
42ms Stylesheet
text/css 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.T_7tdSA8M9Q.L.W.O/am=EAY/d=0/rs=AC2dHMKYv7lzsefkG1DNIXkpR18WCu3Lxg

Requested by

Host: drive.google.com
URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

3fa8313c4592a95fd6971196bae4dd6817246c19ec6646b2f47076c556f652a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54005
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 02:05:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 13:04:26 GMT

GET
H2 200 thumb
drive.google.com/viewerng/ Frame 2B38 115 KB
116 KB 67ms
67ms Image
image/webp 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drive.google.com/viewerng/thumb?ds=AON1mFz8XyDI9iDvD8E1E8Pq8S9pXyzp7hwGOAo926qB3dYgm2QNNBICjQtjwifUfUJpbOLgXxhIOC9nmzCRYk1cc6OGQV0JqceJph96UqgMr-xZBHPodLeAvRYWrj6-TGv9TBVYhierrfmqw6irmEu_PlPexnHUSQ8k4gtfKY67UFSNJE074_QPF2jyUwEst92rOPCRmQuQfOmeCGJ67gRJZYuPddN_myZc2mNHdFfIlSedMQS9WrQ1yQOE1YX7VcWiBXOgHcGePnw8DWpRub1Ioi2c3Eh7NMKylXmvDmeamYqwZSAzWUd6CP114OFbeafoQSUJ3MxhvzHQkhzVHyvXl1nxdQfdRmiU1EW5IO_59kUxxiEtataKYq_wiIsOtLVBUlB_wP7ijQ0nDPg_Yq_kdvQ4cOMxNA%3D%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

GSE /

Resource Hash

eb40363534b9cac37016a884cae2ba8c0cd402a4fed3910ac5258ae9014d97a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NrPiJNFzdL8e3FgFCIX_MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-NrPiJNFzdL8e3FgFCIX_MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Tue, 28 Nov 2023 00:42:12 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/ Frame 2B38 1 MB
468 KB 597ms
143ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

b1e16244a3e5e266d49b305f455f49afe63132bb5ca0dbee4571d2209bf1dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478881
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 08:07:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 23:34:31 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 2B38 18 KB
7 KB 510ms
46ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

sffe /

Resource Hash

51a90876ab23d81f4362e7339bd25aa1094f71e88125cc0e9816360afa35f67e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 00:42:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "1086fc741f289a52"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 00:42:13 GMT

POST cspreport
drive.google.com/ Frame 2B38 0
0

GET
H2 200 busy-state.gif
www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guideRuntime/resources/images/ Frame 7F0F 19 KB
20 KB 148ms
148ms Image
image/gif 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guideRuntime/resources/images/busy-state.gif

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/core.min.240438958c3e80245e573831f0bce282.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

7b9b9349bdea9da6dee05fb5b3825f9bd23b489bfc81163d6f016c57d82f05ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/etc.clientlibs/fd/af/runtime/clientlibs/guidetheme2/core.min.240438958c3e80245e573831f0bce282.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-cache: Miss from cloudfront
content-length: 19570
last-modified: Wed, 02 Oct 2019 11:04:27 GMT
server: Apache
etag: "4c72-593eb6ead44c0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: _PomTmM3W5TMqX7QLMrZkN-QPt651TMeABiItmLN8GWFgyfQkIsAVQ==

GET
H2 200 token.json Show response
www.loloestrin.com/libs/granite/csrf/ Frame 7F0F 2 B
436 B 135ms
133ms XHR
application/json 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loloestrin.com/libs/granite/csrf/token.json

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-93.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 28 Nov 2023 00:42:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: DUS51-P1
x-vhost: publish
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
content-length: 2
x-amz-cf-id: QtUmsPxqQHL0MqMR1YrapTw1ZIujBXM728Dey_z7N5ntl5LXWq7xgw==
expires: -1

POST
H2 200 interact Show response
smetrics.abbvie.com/ee/irl1/v1/ 587 B
429 B 69ms
69ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.abbvie.com/ee/irl1/v1/interact?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=5acea859-7c3f-4df2-80ee-b3a0e12b291e

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

fc210a0266990fef6e2191eef404631fc20203bb378a8a2e800dc7bd05cb2ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/savings-card/activation
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 5acea859-7c3f-4df2-80ee-b3a0e12b291e

GET
H2 200 launch-450e00021d4f.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/ Frame 7F0F 1 MB
207 KB 32ms
32ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 56a5b60a73cd2fa22af5a3d057a803035ba79062643d01bcd7b6fbfb4d6367dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:20 GMT
server: AkamaiNetStorage
etag: "50f93d1f7e4a93a7fd204f5b604a5d5d:1700719940.467172"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 211618
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ Frame 7F0F 1 KB
1 KB 529ms
68ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=onloadRecaptchaCallback&render=explicit&hl=en

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

0332cf3c3577f387c14e9fe0e47a187db303ef6d894c44a7606389585d4cb701

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 00:42:13 GMT

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame 7F0F 29 KB
29 KB 40ms
40ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/forms/lolo-savings-program.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ Frame 7F0F 16 KB
17 KB 58ms
58ms Font
application/font-woff2 184.24.77.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/content/dam/loloestrin/css/forms/lolo-savings-program.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-156.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
server: nginx
etag: "d6bfc4d27afeb61a1128d9c149ee5ed369aa27c3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

POST
H2 200 acquire Show response
smetrics.abbvie.com/ee/irl1/v1/identity/ Frame 7F0F 522 B
398 B 70ms
68ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.abbvie.com/ee/irl1/v1/identity/acquire?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=561ab54b-9bee-4a02-9267-6147725afef3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

d29115e7be398b881d5f3172ba8c0acc528f04e9775f8bc5ca09fac5d5f1378a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 561ab54b-9bee-4a02-9267-6147725afef3

POST
H2 200 acquire Show response
smetrics.abbvie.com/ee/irl1/v1/identity/ Frame 7F0F 522 B
397 B 67ms
67ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.abbvie.com/ee/irl1/v1/identity/acquire?configId=88c3dbfc-94a4-4ee5-b793-9e50c0fa6756&requestId=0df9e161-76dd-4062-b78e-8b1258791805

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

eda25cd98b6fa93502af92e92905c223649fefb1123c3f4973f5753d381456f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0/aemform.iframe.en.html?dataRef=&wcmmode=DISABLED
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.loloestrin.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 0df9e161-76dd-4062-b78e-8b1258791805

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 7F0F 180 KB
66 KB 370ms
229ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4169376

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2e237cb65d251f5c833133623cb4499a2c134cc4de0d41f78c35a39117920fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67267
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 00:42:13 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/1029485116001/Mcp9TXMkPT_default/ Frame 7F0F 860 KB
229 KB 285ms
134ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1029485116001/Mcp9TXMkPT_default/index.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bad780338b0e72863af554fc54519c19dbfdb176a79e9f894e22c2a353baf5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: dIKFCqiXcshO9wdprohce.7yEXg_O6eP
Content-Encoding: gzip
Date: Tue, 28 Nov 2023 00:42:13 GMT
x-amz-request-id: 2TZXXVSEXFVM1GF3
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 234156
x-amz-id-2: tdF/fxMNewFSPYlp85Ln4QTqiViZu1bUBeutX6KMl23uVfy4v29bLje1Ph1UL49nvR39pDD+gsU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220076-FRA
Last-Modified: Thu, 27 Jul 2023 17:33:19 GMT
Server: AmazonS3
X-Timer: S1690479346.173139,VS0,VE644
ETag: "3ba3f4131c0ad3fe0e4d0e475710ebd5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=155
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7F0F 202 KB
54 KB 498ms
56ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 00:42:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FNq9gwA9FKPQH+lTsBl1cEl0CmMjX9iInKzEsKu3nrjx//iDmum7eAUb09eYWtWj9b9ckpiQqdKqzZFOVr8wzA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC3d4c54dfe107411c9be54fabdb34f6b3-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 1 KB
812 B 63ms
62ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC3d4c54dfe107411c9be54fabdb34f6b3-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d5cd91f8f935edd7fc5bc6e21d6f4101a810a66d1bf155d8a53fe5ec73dbfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 554
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 7F0F 1 KB
1 KB 253ms
85ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 RCb5f5cdde901e4d19bd9c7f642a810247-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 12 KB
3 KB 49ms
49ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCb5f5cdde901e4d19bd9c7f642a810247-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f3885defe8eb0e627e1e438c6628013a0c12c3a319adcabd0881a84339976d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2530
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 RCcb6e91654eeb48bd96f504d3ef14a46b-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 7 KB
2 KB 44ms
43ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCcb6e91654eeb48bd96f504d3ef14a46b-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03642ce896ebdc8f4c0011e3f5c2b58e54c8d9cb73cf148d98daa55f74bb74e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1921
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 RC90fcc21599b24af6acb0eea293ba369c-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 2 KB
789 B 63ms
62ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC90fcc21599b24af6acb0eea293ba369c-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1740f3258ee67bd6fda5f1c3755a58b9f5121431349d7af0fcef03d456fb02e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 531
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 8816f7de-875e-480b-9c4f-a9dfca029eee.json Show response
cdn.cookielaw.org/consent/8816f7de-875e-480b-9c4f-a9dfca029eee/ 3 KB
2 KB 485ms
64ms XHR
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8816f7de-875e-480b-9c4f-a9dfca029eee/8816f7de-875e-480b-9c4f-a9dfca029eee.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65db08da7d6203eeaa518d2b802f784689cdd4c1a954474bb0b6d6d5dae14d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 68886
content-md5: lM0LvTKyIfgT57eOeAyqjg==
content-length: 1457
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2023 14:51:11 GMT
server: cloudflare
etag: 0x8DB1FE48F1A5D9C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6b1fbfc9-901e-003d-4441-0d4f98000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91dcdb166951-FRA
expires: Wed, 29 Nov 2023 00:42:13 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/1029485116001/Mcp9TXMkPT_default/ 860 KB
229 KB 286ms
137ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1029485116001/Mcp9TXMkPT_default/index.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bad780338b0e72863af554fc54519c19dbfdb176a79e9f894e22c2a353baf5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: dIKFCqiXcshO9wdprohce.7yEXg_O6eP
Content-Encoding: gzip
Date: Tue, 28 Nov 2023 00:42:13 GMT
x-amz-request-id: 2TZXXVSEXFVM1GF3
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 234156
x-amz-id-2: tdF/fxMNewFSPYlp85Ln4QTqiViZu1bUBeutX6KMl23uVfy4v29bLje1Ph1UL49nvR39pDD+gsU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220076-FRA
Last-Modified: Thu, 27 Jul 2023 17:33:19 GMT
Server: AmazonS3
X-Timer: S1690479346.173139,VS0,VE644
ETag: "3ba3f4131c0ad3fe0e4d0e475710ebd5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=155
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 410ms
186ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 00:42:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FNq9gwA9FKPQH+lTsBl1cEl0CmMjX9iInKzEsKu3nrjx//iDmum7eAUb09eYWtWj9b9ckpiQqdKqzZFOVr8wzA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC3d4c54dfe107411c9be54fabdb34f6b3-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 1 KB
812 B 62ms
62ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC3d4c54dfe107411c9be54fabdb34f6b3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d5cd91f8f935edd7fc5bc6e21d6f4101a810a66d1bf155d8a53fe5ec73dbfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 554
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 RCa18be9c0102946dfa62f4a2128cd9d65-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 17 KB
4 KB 64ms
64ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCa18be9c0102946dfa62f4a2128cd9d65-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 666315a79b6cacad6dd6f6010e60043c7d312596ca9838335621fb7e4b8f7b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 3514
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 96ms
60ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 RCb5f5cdde901e4d19bd9c7f642a810247-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 12 KB
3 KB 67ms
67ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCb5f5cdde901e4d19bd9c7f642a810247-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f3885defe8eb0e627e1e438c6628013a0c12c3a319adcabd0881a84339976d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2530
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ Frame 7F0F 11 KB
5 KB 133ms
73ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 07 Mar 2024 00:42:13 GMT

GET
H2 200 RCcd55c862da184e79801366fa52b3dc87-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 1 KB
864 B 59ms
59ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCcd55c862da184e79801366fa52b3dc87-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aae9b539f8d569b99ab23f86e93af931bd5ce08f68c50df1ce6bc45c20648fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 606
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 RCcb6e91654eeb48bd96f504d3ef14a46b-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 7 KB
2 KB 66ms
65ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCcb6e91654eeb48bd96f504d3ef14a46b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03642ce896ebdc8f4c0011e3f5c2b58e54c8d9cb73cf148d98daa55f74bb74e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1921
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7F0F 465 KB
186 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=onloadRecaptchaCallback&render=explicit&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 00:02:21 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 178ms
102ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 07 Mar 2024 00:42:13 GMT

GET
H2 200 RC90fcc21599b24af6acb0eea293ba369c-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 2 KB
789 B 70ms
70ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC90fcc21599b24af6acb0eea293ba369c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1740f3258ee67bd6fda5f1c3755a58b9f5121431349d7af0fcef03d456fb02e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 531
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame 2B38 101 KB
36 KB 58ms
57ms Script
text/javascript 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36058
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 17:41:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 00:59:52 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ Frame 2B38 317 KB
108 KB 47ms
47ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

sffe /

Resource Hash

c9643422ad1a6e19b5456a3c678900d6a7c5514cfca3d96d38086117ad619c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110558
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 19:24:11 GMT

GET
H3 200 auth_warmup Show response
drive.google.com/ Frame 68DD 0
23 B 196ms
195ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-VBAOGYfWCVwFUn0fjZerkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-VBAOGYfWCVwFUn0fjZerkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 28 Nov 2023 00:42:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 440ms
38ms Preflight
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://drive.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://drive.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Tue, 28 Nov 2023 00:42:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B38 131 B
155 B 133ms
48ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 00:42:14 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 608C 61 KB
35 KB 76ms
75ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu&co=aHR0cHM6Ly93d3cubG9sb2VzdHJpbi5jb206NDQz&hl=en&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=v7skm3p6ttx8

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

bd5797afa0d4675fd842779635c4b3aa428894c3f655dd4707e4f59ecb5df73d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V-yq-6Ht5KOHMHjUdgqPeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-V-yq-6Ht5KOHMHjUdgqPeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK visitWebPage
540-ymb-856.mktoresp.com/webevents/ Frame 7F0F 2 B
318 B 799ms
113ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://540-ymb-856.mktoresp.com/webevents/visitWebPage?_mchNc=1701132133770&_mchCn=&_mchId=540-YMB-856&_mchTk=_mch-loloestrin.com-1701132133770-13605&_mchHo=www.loloestrin.com&_mchPo=&_mchRu=%2Fcontent%2Floloestrin%2Fen-us%2Fsavings-card%2Factivation%2Fjcr%3Acontent%2Fcontentpar%2Fcontainer%2Fcontainerparsys%2Fcolumns%2F0%2Faemform.iframe.en.html&_mchPc=https%3A&_mchVr=163&_mchEcid=C2C7C77B56E2C5147F000101%40AdobeOrg%3A%3A91821990879154193513308187678076119096&_mchHa=&_mchRe=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation&_mchQp=dataRef%3D__-__wcmmode%3DDISABLED
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:14 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2eb44aee-29b8-415d-854b-26604cdcb393

GET
H2 200 RCb1aadf0044094ce4a32d4705f0172eee-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 854 B
779 B 44ms
44ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCb1aadf0044094ce4a32d4705f0172eee-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f1087936a0d52c68e019c392daafc6887ff0369a14419c75fa295ccc03d8d44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 522
expires: Tue, 28 Nov 2023 01:42:13 GMT

POST
H/1.1 200
OK visitWebPage
540-ymb-856.mktoresp.com/webevents/ 2 B
318 B 759ms
111ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://540-ymb-856.mktoresp.com/webevents/visitWebPage?_mchNc=1701132133807&_mchCn=&_mchId=540-YMB-856&_mchTk=_mch-loloestrin.com-1701132133770-13605&_mchHo=www.loloestrin.com&_mchPo=&_mchRu=%2Fsavings-card%2Factivation&_mchPc=https%3A&_mchVr=163&_mchEcid=C2C7C77B56E2C5147F000101%40AdobeOrg%3A%3A91821990879154193513308187678076119096&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 00:42:14 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f969ed5d-193d-40bc-b58d-5e03267326ca

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 608C 55 KB
24 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu&co=aHR0cHM6Ly93d3cubG9sb2VzdHJpbi5jb206NDQz&hl=en&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=v7skm3p6ttx8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 19:52:39 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 608C 465 KB
186 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 22:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 22:38:04 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 40 KB
17 KB 217ms
71ms Script
application/javascript 108.157.5.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-251.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: d61a6b3234c115e36708d7bbf28cc53c3dc234feddecbba63f52dbca4254145e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17231
x-amz-cf-id: Lg7ictRDXhIk-GGnFUTeypJk0UOfNPy5fSYvyEp_8gB0D7ubRyMyQA==

GET
H2 200 RC3c4e18fcd9004c12a602adfb1ee855e2-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 2 KB
973 B 56ms
56ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC3c4e18fcd9004c12a602adfb1ee855e2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c973e78035e93fd4781a930b334d78f26395dc229d07244837a28475f8e9916f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 715
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H2 200 3517640498343586 Show response
connect.facebook.net/signals/config/ Frame 7F0F 133 KB
35 KB 105ms
105ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3517640498343586?v=2.9.138&r=stable&domain=www.loloestrin.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

1fec60f58e74621e0ccc294cd1ead82b076c9d24ba4a409200fbe36f0f6523d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 00:42:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7Sh6nwCi4EyjMI0hM1Ud8KtcjJDcebQgjI8sbvDqxHVyoc3BJkdxGjxvSP6kjVjap6Gd0e+r7ZDSkc74Q0o2rw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;ua... Show response
4169376.fls.doubleclick.net/ Frame D7A0
Redirect Chain

https://4169376.fls.doubleclick.net/activityi;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;...
https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_...

868 B
570 B

50ms
49ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4169376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

424718f0685d12f70f5b388f4929feab026c54091d33ca917c881fba5651da50

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.loloestrin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 460
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Tue, 28 Nov 2023 00:42:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 RCa18be9c0102946dfa62f4a2128cd9d65-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 17 KB
4 KB 49ms
49ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCa18be9c0102946dfa62f4a2128cd9d65-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 666315a79b6cacad6dd6f6010e60043c7d312596ca9838335621fb7e4b8f7b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 3514
expires: Tue, 28 Nov 2023 01:42:13 GMT

GET
H3 200 meta Show response
drive.google.com/viewerng/ Frame 2B38 37 B
85 B 43ms
43ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewerng/meta?id=ACFrOgBmOHOxvQ0jUHlBTk0c8nsFc15h_uRoGpmL9VEJPgyune4fdIxAUKEf0psaLtGYgkfOeVs9htgNlzQUiqfTeCST_iZB5tdJ0buEJX6cgJFVko1nGzqIM6NgbOvHn7sPTjehQWgAPftoCHHP

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

12b9413bb52ba9af643d18f7278fcb6ff9e876000f6d486909cd2426a7a5a8e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sgTofy0khAeBosBZRST_Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-sgTofy0khAeBosBZRST_Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 79BD 382 B
1 KB 419ms
32ms Document
text/html 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

sffe /

Resource Hash

534b68bee575cec779ea1b99e6b812f5fdff9a645d59176393f7850611c32d53

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-zyGWX4onJMCS9b_MBkxQ1g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 275
content-security-policy: script-src 'nonce-zyGWX4onJMCS9b_MBkxQ1g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 232ms
41ms Preflight
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://drive.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://drive.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Tue, 28 Nov 2023 00:42:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B38 131 B
155 B 129ms
47ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 00:42:14 GMT

GET
H3 200 3517640498343586 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3517640498343586?v=2.9.138&r=stable&domain=www.loloestrin.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fec60f58e74621e0ccc294cd1ead82b076c9d24ba4a409200fbe36f0f6523d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 00:42:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35682
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7Sh6nwCi4EyjMI0hM1Ud8KtcjJDcebQgjI8sbvDqxHVyoc3BJkdxGjxvSP6kjVjap6Gd0e+r7ZDSkc74Q0o2rw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.25.0/ 318 KB
76 KB 37ms
37ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wv3c0qnkBhaWE//T4i2BGA==
age: 84241
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 77456
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:46 GMT
server: cloudflare
etag: 0x8D9957C5F8AA42D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ade9286e-b01e-0015-1c7d-0c2e30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91dd48fd3816-FRA

GET
DATA 200
OK truncated
/ Frame 608C 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 608C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 608C 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 16665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 608C 15 KB
16 KB 408ms
24ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 251051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 608C 102 B
135 B 24ms
24ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu&co=aHR0cHM6Ly93d3cubG9sb2VzdHJpbi5jb206NDQz&hl=en&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=v7skm3p6ttx8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 00:42:13 GMT

GET
H2 200 RCcd55c862da184e79801366fa52b3dc87-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 1 KB
864 B 34ms
34ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCcd55c862da184e79801366fa52b3dc87-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aae9b539f8d569b99ab23f86e93af931bd5ce08f68c50df1ce6bc45c20648fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 606
expires: Tue, 28 Nov 2023 01:42:14 GMT

GET
H3 200 img Show response
drive.google.com/viewerng/ Frame 2B38 115 KB
115 KB 64ms
64ms XHR
image/webp 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewerng/img?id=ACFrOgBmOHOxvQ0jUHlBTk0c8nsFc15h_uRoGpmL9VEJPgyune4fdIxAUKEf0psaLtGYgkfOeVs9htgNlzQUiqfTeCST_iZB5tdJ0buEJX6cgJFVko1nGzqIM6NgbOvHn7sPTjehQWgAPftoCHHP&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb40363534b9cac37016a884cae2ba8c0cd402a4fed3910ac5258ae9014d97a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d7bhoDBBcYakcjsvAo1M9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-d7bhoDBBcYakcjsvAo1M9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewerng/ Frame 2B38 27 KB
8 KB 63ms
62ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewerng/presspage?id=ACFrOgBmOHOxvQ0jUHlBTk0c8nsFc15h_uRoGpmL9VEJPgyune4fdIxAUKEf0psaLtGYgkfOeVs9htgNlzQUiqfTeCST_iZB5tdJ0buEJX6cgJFVko1nGzqIM6NgbOvHn7sPTjehQWgAPftoCHHP&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e09ae700da66acebddfc23af4bf90146fe12cc11d1f971839bcbb33130f84ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IWyqRgyokvF8Ek3sNWxoKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-IWyqRgyokvF8Ek3sNWxoKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
drive.google.com/viewerng/ Frame 2B38 88 KB
88 KB 65ms
64ms XHR
image/webp 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d9219b9fde2e911717c49b2d54dbef03b52a966b0fdbb5d2e89e21048d9d642

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4GOZbcKaF7zijjOOUOULdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-4GOZbcKaF7zijjOOUOULdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewerng/ Frame 2B38 11 KB
4 KB 32ms
31ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f72a1dc50a17e814ad62392837fcea4d7e6cdda429cf81a7fa4f8db9648a61c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AkDAbDWvEZOQh1hTJTPTIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-AkDAbDWvEZOQh1hTJTPTIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
drive.google.com/viewerng/ Frame 2B38 65 KB
65 KB 32ms
31ms XHR
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

106c8711e5a9dc97db17b26c02f7963124f8620f6c490a51873a9611824cb7f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Osp8CKYRZU6RmF_BZPRxRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-Osp8CKYRZU6RmF_BZPRxRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/d222c26d10f0a88dacceb3da240b347e
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewerng/ Frame 2B38 10 KB
3 KB 31ms
30ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3219e27d432c3f553a8e86a67db19432321186cddacfcc899b1754016590307f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zzgz2OCxEGUwWJOOGPJKVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-zzgz2OCxEGUwWJOOGPJKVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
129 B 31ms
30ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3517640498343586&ev=PageView&dl=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation&rl=&if=false&ts=1701132134023&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4125&fbp=fb.1.1701132134022.1565879190&ler=empty&it=1701132133946&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 00:42:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/8816f7de-875e-480b-9c4f-a9dfca029eee/2e50f3d2-8727-4b66-8232-2c6b050e9c06/ 57 KB
14 KB 46ms
46ms Fetch
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8816f7de-875e-480b-9c4f-a9dfca029eee/2e50f3d2-8727-4b66-8232-2c6b050e9c06/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aabb8a78902ddd88c40ddb6d7ce0085e5b9505a1f911b512c035036ad56fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 68884
content-md5: 9ikJpz6OIhKTkSuaVavs3A==
content-length: 14307
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2023 14:50:09 GMT
server: cloudflare
etag: 0x8DB1FE469C7074B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e38a792a-d01e-0003-06b4-12d8e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91dddb846951-FRA
expires: Wed, 29 Nov 2023 00:42:14 GMT

GET
H2 200 ade82443-9d89-4afa-be49-7a4d8948b742.js Show response
tr.snapchat.com/config/com/ 480 B
750 B 178ms
74ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/ade82443-9d89-4afa-be49-7a4d8948b742.js?v=3.6.0-2311172034

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

5459b2282c83cb1c4142a69fb24bf5fdeda324f25abf6e1880f8633f5fa4e4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.loloestrin.com/
Origin: https://www.loloestrin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.loloestrin.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame F2DF 672 B
1 KB 183ms
81ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=ade82443-9d89-4afa-be49-7a4d8948b742&u_scsid=c8a9d6a0-480f-44d0-ad8c-5a6f40f26d00&u_sclid=3d47a610-d9e6-410b-953e-b61e8b0b2a3a

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.loloestrin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 28 Nov 2023 00:42:14 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 10

GET
BLOB 200
OK 1d5e6672-ac93-43a4-bf6a-7761ef372615
https://drive.google.com/ Frame 2B38 65 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/1d5e6672-ac93-43a4-bf6a-7761ef372615
Requested by: Host: drive.google.com
URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 106c8711e5a9dc97db17b26c02f7963124f8620f6c490a51873a9611824cb7f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Length: 66319
Content-Type: image/png

GET
BLOB 200
OK 7ce20f4d-97bc-471e-bd7e-3f14ee642121
https://drive.google.com/ Frame 2B38 115 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/7ce20f4d-97bc-471e-bd7e-3f14ee642121
Requested by: Host: drive.google.com
URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb40363534b9cac37016a884cae2ba8c0cd402a4fed3910ac5258ae9014d97a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Length: 117938
Content-Type: image/webp

GET
BLOB 200
OK 3f55bb2a-37b9-42e0-bea1-aacfc122cd6b
https://drive.google.com/ Frame 2B38 88 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/3f55bb2a-37b9-42e0-bea1-aacfc122cd6b
Requested by: Host: drive.google.com
URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d9219b9fde2e911717c49b2d54dbef03b52a966b0fdbb5d2e89e21048d9d642

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Length: 89944
Content-Type: image/webp

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame F190 7 KB
1 KB 31ms
31ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu

Requested by

Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e7bb2c9fb6fc5c0b97abd60233c4f38866b3a6c2f97d3250c85e6e5ebbf92b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yIdFq4S3De7PJEjOFKQ5FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.loloestrin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yIdFq4S3De7PJEjOFKQ5FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
41ms Preflight
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://drive.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://drive.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Tue, 28 Nov 2023 00:42:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B38 131 B
155 B 131ms
49ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 00:42:14 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame D7A0 5 KB
3 KB 162ms
28ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 4169376.fls.doubleclick.net
URL: https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4169376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 02:57:00 GMT
Content-Encoding: gzip
Via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Nov 2023 02:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 78329
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 6W-Gi4Oq6G5Mz4UDWoCNGdFMn4vtjId4Aur5LUy2ph-FqFtlkbf-mg==

GET
H2 200 dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
adservice.google.com/ddm/fls/z/ Frame D7A0 42 B
401 B 461ms
74ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation

Requested by

Host: 4169376.fls.doubleclick.net
URL: https://4169376.fls.doubleclick.net/activityi;dc_pre=CM2rw4S75YIDFdUx4AodT-UGOg;src=4169376;type=lol_w004;cat=lol_w006;ord=3792357906316;auiddc=941492650.1701132134;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4169376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 9 KB
3 KB 88ms
87ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GusGKeZw4BFJM/nj45byyg==
age: 68883
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:37 GMT
server: cloudflare
etag: 0x8D9957C5AAAE362
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cb5370a8-001e-0062-1a70-0cfba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91de7bcd6951-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/ 47 KB
12 KB 39ms
39ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9E3lVDuBS011aFtnS8Lptg==
age: 68883
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11581
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:38 GMT
server: cloudflare
etag: 0x8D9957C5B1359BC
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 27204c3b-201e-0017-3f1f-159088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ce91de7bcf6951-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 20 KB
4 KB 86ms
86ms Fetch
text/css 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Nov 2023 00:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 41002
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ebe4b864-701e-000a-6fc7-139d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82ce91de7bd06951-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F190 55 KB
24 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 19:52:39 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F190 465 KB
186 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LevZtUiAAAAAHzlZ-XUtNXEyiztsdQJbX3dG5eu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 22:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 22:38:04 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame F2DF 40 KB
17 KB 58ms
58ms Script
application/javascript 108.157.5.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=ade82443-9d89-4afa-be49-7a4d8948b742&u_scsid=c8a9d6a0-480f-44d0-ad8c-5a6f40f26d00&u_sclid=3d47a610-d9e6-410b-953e-b61e8b0b2a3a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-251.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: d61a6b3234c115e36708d7bbf28cc53c3dc234feddecbba63f52dbca4254145e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17231
x-amz-cf-id: DAYG2Yz2H_ZRP-yEQS03AAtlI2PB_q7PPplKZ_gajOrTh5jaimY1SQ==

POST
H2 200 p
tr.snapchat.com/ 0
96 B 51ms
51ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.loloestrin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.loloestrin.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 7008
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1701132134344&u_scsid=a2c96ae2-0850-4c42-b5a6-5c13fae42840&u_sclid=a2959382-9441-487f-a768-8c582564c7bb
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1700683571276%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1700683571276%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1700683571276&pnid=140&pcid=f32713d9-5785-4aad-be27-10d439216cfc

68 B
87 B

19ms
18ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1700683571276&pnid=140&pcid=f32713d9-5785-4aad-be27-10d439216cfc

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Tue, 28 Nov 2023 00:42:14 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 28 Nov 2023 00:42:14 GMT
location: https://tr.snapchat.com/cm/p?rand=1700683571276&pnid=140&pcid=f32713d9-5785-4aad-be27-10d439216cfc
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 79BD 0
0 412ms
36ms Other
text/html 142.250.184.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/savings-card/activation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.241 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f17.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 79BD 18 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 00:42:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "23edfa0f3c3c3329"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 00:42:14 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ Frame 79BD 78 KB
27 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6761aab8baec9a5478ad2a19f4f0b026a689bd35ae10b8a5725409f81a7300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27948
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 19:33:35 GMT

GET
H2 200 RC231c6af87bd7458090db88bee8920c77-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 569 B
556 B 41ms
41ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC231c6af87bd7458090db88bee8920c77-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6a7c6b7ac52ba62f03cec96844edff896de10cb372b08d50696230854c8a344e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 298
expires: Tue, 28 Nov 2023 01:42:14 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 79BD 0
172 B 152ms
152ms XHR
text/html 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 79BD 0
56 B 158ms
158ms XHR
text/html 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 00:42:14 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC2803923c51d84c50bb23807b7e0c63bc-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 954 B
771 B 269ms
269ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC2803923c51d84c50bb23807b7e0c63bc-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 31a86bbfaf1c3e703ad946d56502861f615b2f6339c12a89788e9719b3b80c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 513
expires: Tue, 28 Nov 2023 01:42:14 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 36ms
36ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.loloestrin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.loloestrin.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 29FD 889 B
973 B 59ms
52ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=30m8xed&ref=https%3A%2F%2Fwww.loloestrin.com%2F&upid=nf0cjwc&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: a5e917048fcb813542cd0d3bdbd0c0890aa82358b97c95e6b44b4c86ddf52974

Request headers

Referer: https://4169376.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 28 Nov 2023 00:42:14 GMT
server: Kestrel
vary: Accept-Encoding

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 29FD 488 B
1 KB 27ms
27ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=30m8xed&ref=https%3A%2F%2Fwww.loloestrin.com%2F&upid=nf0cjwc&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 07:48:59 GMT
Via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 60796
x-amz-server-side-encryption: AES256
ETag: "2775054c068b37509e0798448f7fd32c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: C8QieXl3Rn-8HWlBMRxkuUxeHvktn4AKniUvHR4wiVNNXK9fHRjR9g==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame C653
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTc3ZGY3ZDQtNTFhNy00ZjBjLTkzMzctNmIwMjg3YzI5MzE1&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b028...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315&google_gid=CAESEMpHl79dfSoiIt7weuOBFrA&google_cver=1

70 B
491 B

48ms
48ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315&google_gid=CAESEMpHl79dfSoiIt7weuOBFrA&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 28 Nov 2023 00:42:14 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315&google_gid=CAESEMpHl79dfSoiIt7weuOBFrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

cksync Show response
hb.yahoo.net/ Frame 1268
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=a77df7d4-51a7-4f0c-9337-6b0287c29315&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1SS1M3UmhKRTJ1R3U2VmJTOXN1TE5LanI1M0tpN3ZIVX5B&gdpr=0&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&dpid=55953

53 B
659 B

170ms
53ms

Document
image/gif

23.48.23.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1SS1M3UmhKRTJ1R3U2VmJTOXN1TE5LanI1M0tpN3ZIVX5B&gdpr=0&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&dpid=55953

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-8.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 53
content-type: image/gif
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Tue, 28 Nov 2023 00:42:14 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

Redirect headers

age: 0
content-length: 0
date: Tue, 28 Nov 2023 00:42:14 GMT
location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1SS1M3UmhKRTJ1R3U2VmJTOXN1TE5LanI1M0tpN3ZIVX5B&gdpr=0&ovsid=a77df7d4-51a7-4f0c-9337-6b0287c29315&dpid=55953
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.87
strict-transport-security: max-age=31536000

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame B47E
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=143344489344674133&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315

70 B
492 B

49ms
49ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=143344489344674133&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 28 Nov 2023 00:42:14 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 63f40b8b-dff6-43d9-9d15-18a36c21e95e
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 00:42:14 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=143344489344674133&ttd_tdid=a77df7d4-51a7-4f0c-9337-6b0287c29315
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 31.133.93.105; 31.133.93.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 RCbd9373ea60c5413fb0dc9655b0690f62-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ Frame 7F0F 1 KB
831 B 31ms
31ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCbd9373ea60c5413fb0dc9655b0690f62-source.min.js
Requested by: Host: www.loloestrin.com
URL: https://www.loloestrin.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.7733ba0dfab6b2e3701ee24eb19f032c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7f558a09c387c59706e112087f1771f90cf21d6c6a311e22daa053a2bd6e244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 573
expires: Tue, 28 Nov 2023 01:42:14 GMT

GET
H2 200 RC231c6af87bd7458090db88bee8920c77-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 569 B
556 B 32ms
32ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC231c6af87bd7458090db88bee8920c77-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6a7c6b7ac52ba62f03cec96844edff896de10cb372b08d50696230854c8a344e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 298
expires: Tue, 28 Nov 2023 01:42:14 GMT

GET
H2 200 RC2803923c51d84c50bb23807b7e0c63bc-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 954 B
771 B 30ms
30ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RC2803923c51d84c50bb23807b7e0c63bc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 31a86bbfaf1c3e703ad946d56502861f615b2f6339c12a89788e9719b3b80c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 513
expires: Tue, 28 Nov 2023 01:42:14 GMT

GET
H2 200 RCbd9373ea60c5413fb0dc9655b0690f62-source.min.js Show response
assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/ 1 KB
831 B 32ms
32ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/b21ab0941aac/RCbd9373ea60c5413fb0dc9655b0690f62-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/acb96670c057/48663f28f53f/launch-450e00021d4f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7f558a09c387c59706e112087f1771f90cf21d6c6a311e22daa053a2bd6e244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.loloestrin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:42:15 GMT
content-encoding: gzip
last-modified: Thu, 23 Nov 2023 06:12:21 GMT
server: AkamaiNetStorage
etag: "0a10648ab7bc353c3eec8ddab615b6a6:1700719941.460811"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.loloestrin.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 573
expires: Tue, 28 Nov 2023 01:42:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 64ms
64ms Preflight
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://drive.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://drive.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 00:42:16 GMT
expires: Tue, 28 Nov 2023 00:42:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B38 131 B
155 B 48ms
48ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.-1ND4wBLvAM.O/am=EAY/d=1/rs=AC2dHML6ZT3_27rygDYgaTNTIKS60r7xLA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 00:42:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 00:42:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZWU3ZAAAAJOCDANx&img=1

Domain: drive.google.com
URL: https://drive.google.com/cspreport

Domain: drive.google.com
URL: https://drive.google.com/cspreport

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.loloestrin.com/content/loloestrin/en-us/savings-card/activation/jcr:content/contentpar/container/containerparsys/columns/0	1970-01-20 16:32:15	Name: ac_trxid Value: wkl2s1oxw
sc-static.net/scevent.min.js	1970-01-20 16:33:38	Name: X-AB Value: undefined
www.loloestrin.com/savings-card	1969-12-31 23:59:59	Name: aam_uuid Value: 92232215453143947243277430175639391371
www.loloestrin.com/savings-card	1970-01-20 16:32:15	Name: ac_trxid Value: guuxj2sh7
www.allergansavingscard.com/	1970-01-20 16:32:13	Name: AWSELB Value: FB9DB3E914803E547B398A64E50F46E1A6B118B64C08BC0CC84EB18A16189F4CA2703EC845EAF9CE42AFD5CC8B212979F9AF4118B9FF4907EF59569FEFFCAF98E8116725DE
www.allergansavingscard.com/	1970-01-20 16:32:13	Name: AWSELBCORS Value: FB9DB3E914803E547B398A64E50F46E1A6B118B64C08BC0CC84EB18A16189F4CA2703EC845EAF9CE42AFD5CC8B212979F9AF4118B9FF4907EF59569FEFFCAF98E8116725DE
www.loloestrin.com/	1970-01-20 16:32:13	Name: AWSELB Value: FB9DB3E914803E547B398A64E50F46E1A6B118B64C08BC0CC84EB18A16189F4CA2703EC845EAF9CE42AFD5CC8B212979F9AF4118B9FF4907EF59569FEFFCAF98E8116725DE
www.loloestrin.com/	1970-01-20 16:32:13	Name: AWSELBCORS Value: FB9DB3E914803E547B398A64E50F46E1A6B118B64C08BC0CC84EB18A16189F4CA2703EC845EAF9CE42AFD5CC8B212979F9AF4118B9FF4907EF59569FEFFCAF98E8116725DE
www.loloestrin.com/	1970-01-21 01:17:48	Name: modal_view_once-modalpopup Value: true
www.loloestrin.com/	1969-12-31 23:59:59	Name: Global%20\|%20All%20\|%20Page%20\|%20Ad%20Blocker Value: ad%20blocker%20absent
.demdex.net/	1970-01-20 20:51:24	Name: demdex Value: 92232215453143947243277430175639391371
.loloestrin.com/	1970-01-20 16:32:13	Name: kndctr_C2C7C77B56E2C5147F000101_AdobeOrg_cluster Value: irl1
.loloestrin.com/	1970-01-21 02:01:00	Name: kndctr_C2C7C77B56E2C5147F000101_AdobeOrg_identity Value: CiY5MTgyMTk5MDg3OTE1NDE5MzUxMzMwODE4NzY3ODA3NjExOTA5NlITCIbBgZvBMRABGAEqBElSTDEwAKABi8GBm8ExsAEA8AGGwYGbwTE=
.loloestrin.com/	1970-01-21 01:53:48	Name: AMCV_C2C7C77B56E2C5147F000101%40AdobeOrg Value: MCMID\|91821990879154193513308187678076119096
.yahoo.com/	1970-01-21 01:18:09	Name: A3 Value: d=AQABBGQ3ZWUCEHVD3iR5uMZ4DhRwSkqHXaoFEgEBAQGIZmVvZcwU0iMA_eMAAA&S=AQAAAuD_pXfdcN28ydX1b5X0sfE
.agkn.com/	1970-01-21 01:17:48	Name: ab Value: 0001%3A6icGJaLq3kU%2FrKMK2yrLkD%2BiYbWGHNnp
.doubleclick.net/	1970-01-21 01:53:48	Name: IDE Value: AHWqTUlcp8OYRdFH2SZS493lgvyNbzkeIsT9YENLRSAD8p3dWlV3Y5G4jITR9OOwUck
.adsrvr.org/	1970-01-21 01:19:14	Name: TDID Value: a77df7d4-51a7-4f0c-9337-6b0287c29315
www.loloestrin.com/	1969-12-31 23:59:59	Name: Refchannel Value: direct
www.loloestrin.com/	1970-01-20 16:32:13	Name: s_gppt Value: patient%20services
www.loloestrin.com/	1970-01-20 16:32:13	Name: s_gpss Value: savings%20card
www.loloestrin.com/	1970-01-20 16:32:13	Name: s_gpv Value: loloestrin\|br\|ob-gyn\|uf\|activation
.everesttech.net/	1970-01-21 01:17:48	Name: everest_g_v2 Value: g_surferid~ZWU3ZAAAAJOCDANx
.google.com/	1970-01-20 20:55:43	Name: NID Value: 511=W2EtExa8sNJ8ovdAW-OR6F3o-XO-ydkUppmKk9gv5PfNjlW4sf33CBSfwXZswHxp51WLfdpm4ncO9uE50cNZYCUZ_b4lH18iFE2maTRuYga3wW0MLrDr-GH0nnOJZyKt8YWamA55JvspLBQeCHwGFnimgvEqwQiSL7Wb7XdUlJg
.dpm.demdex.net/	1970-01-20 20:51:24	Name: dpm Value: 92232215453143947243277430175639391371
www.loloestrin.com/	1970-01-21 02:08:12	Name: s_tslv Value: 1701132132855
www.loloestrin.com/	1969-12-31 23:59:59	Name: s_inv Value: 0
www.loloestrin.com/	1970-01-20 17:15:24	Name: s_nr30 Value: 1701132132856-New
www.loloestrin.com/	1969-12-31 23:59:59	Name: visit_num Value: Target
.turn.com/	1970-01-20 20:51:24	Name: uid Value: 2942070683537599134
.casalemedia.com/	1970-01-21 01:17:48	Name: CMID Value: ZWU3Zf1cgmqtiynI3qonFgAA
.casalemedia.com/	1970-01-20 18:41:48	Name: CMPS Value: 2128
.casalemedia.com/	1970-01-20 18:41:48	Name: CMPRO Value: 2128
.onaudience.com/	1970-01-21 01:17:48	Name: cookie Value: 6b1c6e51e42d8791
.pubmatic.com/	1970-01-20 18:41:48	Name: KRTBCOOKIE_218 Value: 4056-ZWU3ZAAAAJOCDANx&KRTB&22978-ZWU3ZAAAAJOCDANx&KRTB&23194-ZWU3ZAAAAJOCDANx&KRTB&23209-ZWU3ZAAAAJOCDANx
.pubmatic.com/	1970-01-20 17:15:24	Name: PugT Value: 1701132132
.adnxs.com/	1970-01-20 18:41:48	Name: uuid2 Value: 143344489344674133
.openx.net/	1970-01-21 01:17:48	Name: i Value: e3121bda-a888-47ad-a78a-57cf7180db46\|1701132133
.rubiconproject.com/	1970-01-21 01:17:48	Name: khaos Value: LPHM5EK8-14-6OOD
.rubiconproject.com/	1970-01-21 01:17:48	Name: audit Value: 1\|nDT87adlqvdZpxghk8/KA3iuSi/OUZ/KtrhPABtWbivoNVMD0uFGSqGNcPHiK6kCAJPohnx0DrqM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bOQiIc0sOLS+idhOkhX5iOsHDGqju1baMR/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.adnxs.com/	1970-01-20 18:41:48	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?greO@0!]tbPl1MwL(!R7qUY#Qu[/a'L(>##7b2b]j$]!QtEQtv`9RFMZ9bmtwgM/]vGiO`SMcdoD3jy1642tv0!>LCsa/_P2
.krxd.net/	1970-01-20 20:51:24	Name: _kuid_ Value: P8SBLPNP
.loloestrin.com/	1970-01-20 18:41:48	Name: _gcl_au Value: 1.1.941492650.1701132134
.loloestrin.com/	1970-01-21 02:08:12	Name: _mkto_trk Value: id:540-YMB-856&token:_mch-loloestrin.com-1701132133770-13605
.loloestrin.com/	1970-01-20 18:41:48	Name: _fbp Value: fb.1.1701132134022.1565879190
.loloestrin.com/	1970-01-21 02:01:58	Name: _scid Value: eff65c64-abe0-4c55-8855-6567ef193e24
.loloestrin.com/	1970-01-21 02:01:58	Name: _scid_r Value: eff65c64-abe0-4c55-8855-6567ef193e24
.www.loloestrin.com/	1970-01-21 01:17:48	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Nov+28+2023+01%3A42%3A14+GMT%2B0100+(Central+European+Standard+Time)&version=6.25.0&hosts=&consentId=6c431095-756d-4e1f-a3bb-f5f6ff4a5185&interactionCount=0&landingPath=https%3A%2F%2Fwww.loloestrin.com%2Fsavings-card%2Factivation&groups=BG395%3A1%2CC0001%3A1%2CBG396%3A1%2CC0003%3A1%2CC0002%3A1%2CBG397%3A1%2CC0004%3A1
.snapchat.com/	1970-01-21 01:53:48	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQMLhCzjYkqFNk+H57r2umfJ62KMEYlGk27RWqe4K+zwV9oRzIQPL+6h/WC6FDQAAAAA==
.tapad.com/	1970-01-20 17:58:36	Name: TapAd_TS Value: 1701132134523
.tapad.com/	1970-01-20 17:58:36	Name: TapAd_DID Value: f32713d9-5785-4aad-be27-10d439216cfc
.tapad.com/	1970-01-20 17:58:36	Name: TapAd_3WAY_SYNCS Value:
.loloestrin.com/	1970-01-21 02:01:58	Name: _sctr Value: 1%7C1701126000000
www.loloestrin.com/	1969-12-31 23:59:59	Name: ac_mcid Value: 91821990879154193513308187678076119096
.analytics.yahoo.com/	1970-01-21 01:17:48	Name: IDSYNC Value: "19cu~2fao:1769~2fao:19e0~2fao"
.adsrvr.org/	1970-01-21 01:19:14	Name: TDCPM Value: CAESEgoDYWFtEgsImOK-z5zttzwQBRIVCgZnb29nbGUSCwiMiIjgnO23PBAFEhkKCnJpZ2h0bWVkaWESCwjeoojgnO23PBAFEhcKCGFwcG5leHVzEgsIzsqS4ZzttzwQBRgFIAEoAzILCIDZio2z7bc8EAVCDyINCAESCQoFdGllcjEQAVoHMzBtOHhlZGAB
.hb.yahoo.net/	1970-01-20 20:51:24	Name: visitor-id Value: 3441337343389753000V10
.hb.yahoo.net/	1970-01-20 16:52:21	Name: data-ttd Value: a77df7d4-51a7-4f0c-9337-6b0287c29315~~63
www.loloestrin.com/	1969-12-31 23:59:59	Name: ac_uuid Value: 92232215453143947243277430175639391371

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=92232215453143947243277430175639391371 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-y0gIMYjQlrdK8EN5DmLtXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://drive.google.com/viewerng/viewer?embedded=true&url=https://media.allergan.com/actavis/actavis/media/allergan-pdf-documents/product-prescribing/NDA-22501-Lo-Loestrin-Fe-PI-CLEAN-08-2017_ver1.pdf(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-y0gIMYjQlrdK8EN5DmLtXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://dt.scanscout.com/ssframework/uid?UIAA=92232215453143947243277430175639391371&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZWU3ZAAAAJOCDANx&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://drive.google.com/start Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://drive.google.com/start Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4169376.fls.doubleclick.net
540-ymb-856.mktoresp.com
aa.agkn.com
adobedc.demdex.net
adservice.google.com
aorta.clickagy.com
apis.google.com
assets.adobedtm.com
beacon.krxd.net
cdn.cookielaw.org
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
content.googleapis.com
csp.withgoogle.com
d.turn.com
dpm.demdex.net
drive.google.com
dsum-sec.casalemedia.com
dt.scanscout.com
fonts.gstatic.com
hb.yahoo.net
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
munchkin.marketo.net
p.typekit.net
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
players.brightcove.net
reattest.loloestrin.com
rtb.adentifi.com
sc-static.net
smetrics.abbvie.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
tr.snapchat.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
usermatch.krxd.net
www.allergansavingscard.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.loloestrin.com
drive.google.com
sync.search.spotxchange.com
104.18.131.236
104.18.36.155
108.157.1.118
108.157.5.251
141.94.170.64
142.250.184.241
142.250.185.168
142.250.186.100
142.250.186.131
142.250.186.142
142.250.186.98
142.250.74.198
142.250.74.202
151.101.66.49
157.240.252.13
157.240.252.35
159.180.132.181
172.217.16.195
172.217.18.110
172.217.18.14
172.217.18.2
172.64.151.238
18.184.223.197
18.66.248.93
184.24.77.146
184.24.77.156
185.89.210.46
192.28.144.124
198.47.127.205
199.127.207.184
23.197.137.224
23.35.236.237
23.35.237.37
23.48.23.8
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a03:2880:f084:d:face:b00c:0:3
3.228.144.86
3.33.220.150
3.75.62.37
34.111.113.62
34.234.12.204
35.190.43.134
35.244.159.8
35.244.174.68
46.228.164.13
52.16.155.12
52.48.81.28
54.194.149.91
54.243.20.188
54.77.1.126
63.140.62.22
69.173.144.139
0332cf3c3577f387c14e9fe0e47a187db303ef6d894c44a7606389585d4cb701
03642ce896ebdc8f4c0011e3f5c2b58e54c8d9cb73cf148d98daa55f74bb74e2
0934baa78ed8f46faf74cf2f48f2ea0c09ec1e85b9da6d95cc847ddb35915e14
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5cd91f8f935edd7fc5bc6e21d6f4101a810a66d1bf155d8a53fe5ec73dbfb4
106c8711e5a9dc97db17b26c02f7963124f8620f6c490a51873a9611824cb7f6
12b9413bb52ba9af643d18f7278fcb6ff9e876000f6d486909cd2426a7a5a8e2
14a623315553370fe83110c65e3a7b36c259fbc78700b02f907bc76b7083d04c
1625a425e13dc98d675cc89937ec8058c82a5c14541509674c8fe13894c73382
1740f3258ee67bd6fda5f1c3755a58b9f5121431349d7af0fcef03d456fb02e4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fec60f58e74621e0ccc294cd1ead82b076c9d24ba4a409200fbe36f0f6523d7
2315f717fc23e2ee29c923123faf154502a9b27a1438a5d3af9e94c2804e0c83
23d7949eed9b2fa0876201f1b2877b6975b52ee5f508de207646ecbf320f369f
2b6761aab8baec9a5478ad2a19f4f0b026a689bd35ae10b8a5725409f81a7300
2b677626e40f9275634ad8e2e6f35512f425ede2e07df85a6e3ab25eaef19816
2dbef786ae6e4df752314774f57ebf3d14569f3fa6aa26a387c88903605f3813
2e237cb65d251f5c833133623cb4499a2c134cc4de0d41f78c35a39117920fa3
2e493828b1fc7bb1b993c258808f621f7cf6c2963768d9b4a2ae9b057e07f4d6
2e7bb2c9fb6fc5c0b97abd60233c4f38866b3a6c2f97d3250c85e6e5ebbf92b5
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31a86bbfaf1c3e703ad946d56502861f615b2f6339c12a89788e9719b3b80c1b
3219e27d432c3f553a8e86a67db19432321186cddacfcc899b1754016590307f
325d7728a4a32b2ee608f6dc8e032b61ba4096115ed4fce08cdf7e7c03685294
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
398c810eef105d9a424018ce34724150222dd7e9d9f11093cdebfe16ad57fb97
3d9219b9fde2e911717c49b2d54dbef03b52a966b0fdbb5d2e89e21048d9d642
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecffa256d55f5b142108a2e9b68c3d21e2ff3a34a8a0639d908368205b09407
3f87b1b70981138c316da9e6fa6a2b43950bf9471720cd530fdb86fbba99decf
3fa8313c4592a95fd6971196bae4dd6817246c19ec6646b2f47076c556f652a9
424718f0685d12f70f5b388f4929feab026c54091d33ca917c881fba5651da50
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47437fc59bb566bdc8582269237b5f8e98967bb07159fe325d6f0abc79e21e77
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09ae700da66acebddfc23af4bf90146fe12cc11d1f971839bcbb33130f84ef
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51a90876ab23d81f4362e7339bd25aa1094f71e88125cc0e9816360afa35f67e
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
534b68bee575cec779ea1b99e6b812f5fdff9a645d59176393f7850611c32d53
5459b2282c83cb1c4142a69fb24bf5fdeda324f25abf6e1880f8633f5fa4e4e1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae7afdb312f859dcdd472bf4ff167c168f2af17a95401bde73cc689471d80c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a5b60a73cd2fa22af5a3d057a803035ba79062643d01bcd7b6fbfb4d6367dd
56bba22cfb91420da5617d5798f7109995a02709ab2b24638aab648e93a74f87
5acf7eeee1f06a2cc25b8785051fcb9cff772cdeb82dcda7dee657ccb3b2828c
5c2069789c2150a899bdf1d9dc8f28606248fb43f97de95e9d771405aea5347f
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d
6101e985d41f31fcdc65993ac356df0521cbcabfe0fdee8cda781e0610745eaf
617b6505d667af18dddef3c8222ec63e685bafc94906e549d50d045a7f18623e
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6631454376a4f4e17e347cf3885fd6626d6be356b0b28517215e83d0eedc1c64
666315a79b6cacad6dd6f6010e60043c7d312596ca9838335621fb7e4b8f7b6b
679ae9f84783f460006e08489ce63f29ff598a6ef92036f3b028327858aab26f
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a7c6b7ac52ba62f03cec96844edff896de10cb372b08d50696230854c8a344e
6aabb8a78902ddd88c40ddb6d7ce0085e5b9505a1f911b512c035036ad56fa1d
6b267ae7688c8897f3ed055b71094b1f07554a53c33f9f7fd9ba3f48311c3e42
6e496092fa5b06d0652cd3abfafeef6194602a9f2e7339e6529536a3e6a6fb2f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b9b9349bdea9da6dee05fb5b3825f9bd23b489bfc81163d6f016c57d82f05ff
7d3984b8457aaf7fbfb77f09cdaddb44aa1ba3da391ef393867dee7b3959ffee
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f72a1dc50a17e814ad62392837fcea4d7e6cdda429cf81a7fa4f8db9648a61c
94a71156a5d39b0e0a5a748d1f79e39a1a63c447e9cd19809a345e02e7a2ac36
98224c7dc793e670e557a96221339918cc205d4fc8829a96ba66d44035f63d73
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a0187623f36e60dc42b459d7e98e3cce91487a719a577caaeade0cb3753cc4af
a0d4ff4980982a9a50d01fe29071f098e2724ea7d84292af6b41a0826c3040b8
a4021872b5faba47d487c375fa1fa9a8366dae03490741972c610ff54d6f581c
a425662c57b1b8b431c5ec9cbfab50034d987f02906aa71d38a0e9308de50041
a5e917048fcb813542cd0d3bdbd0c0890aa82358b97c95e6b44b4c86ddf52974
aae9b539f8d569b99ab23f86e93af931bd5ce08f68c50df1ce6bc45c20648fce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e16244a3e5e266d49b305f455f49afe63132bb5ca0dbee4571d2209bf1dbb4
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
b8a5b04adf1980122f9a66c585265c7b5016356cd0cf573084d4d6d830cf4619
bad780338b0e72863af554fc54519c19dbfdb176a79e9f894e22c2a353baf5b8
bd5797afa0d4675fd842779635c4b3aa428894c3f655dd4707e4f59ecb5df73d
bedd21590b00f58ad33b7733409968ff6542237b8e9de82a6b7cf120246889fe
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c565650c32a528c09b33ac25c901da58ab9a0d21c42442697931c6e1e2e9a601
c6d0284bf70d7e02523f93337303bb3be3b6b5e92ff49dba2ed848d6dfc40a37
c9643422ad1a6e19b5456a3c678900d6a7c5514cfca3d96d38086117ad619c8f
c973e78035e93fd4781a930b334d78f26395dc229d07244837a28475f8e9916f
c9eae6ece2a419cf5eb5b06e8914bf682cc72cd69a398699faf881a9a12802da
cb7d4fa6ae031d186746232dc5ca448396f3a66f2c491589bd115f8e97ce2b42
cf5a208271a62cd706a7de3f41cbabaae530d7b33b8d6fbbcff6faa8933cc51a
cfd45460079db46add4401c76314089a69c608eb1c15b26289218bb0e56b9bb2
d0f055d1c0822f2a6973c50e600860239a7934d7840aa87c164488c0152bbe7a
d29115e7be398b881d5f3172ba8c0acc528f04e9775f8bc5ca09fac5d5f1378a
d504d5f904e308c4dc701b090b25fa02ffe4e3d8b2e5085f1aa619d142f4c3e9
d61a6b3234c115e36708d7bbf28cc53c3dc234feddecbba63f52dbca4254145e
da5084386f6409a04b7f695f0e769e87ef03b0e117b7f23ed25e2d581320d665
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4239a31579aae67392841bc05cd4089491dc85e59e4f77115900b1fc0fe57f1
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
e549f1ce1b74e9d0791a60cb5864596a6e5f5d5d20f76557fc958303d1fed5f0
e6107f7ecd73f873ec463e5047ba642205eefe9e501edf3d553f0ea41443818d
e78ccb25f54d611789d04e4b472489e971c95e6de209eb18af0bd6a76dbafdd4
eb40363534b9cac37016a884cae2ba8c0cd402a4fed3910ac5258ae9014d97a6
eda25cd98b6fa93502af92e92905c223649fefb1123c3f4973f5753d381456f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1087936a0d52c68e019c392daafc6887ff0369a14419c75fa295ccc03d8d44a
f3885defe8eb0e627e1e438c6628013a0c12c3a319adcabd0881a84339976d27
f642efd7411b17d6a89b07ad4f986f5d6caf09e5bacb98ea251d5101b57233de
f65db08da7d6203eeaa518d2b802f784689cdd4c1a954474bb0b6d6d5dae14d3
f6b86a9f9e78e8d5befc3898dd9898d77ad7378a3dfb8c0f8bf0dfd306f62861
f7f558a09c387c59706e112087f1771f90cf21d6c6a311e22daa053a2bd6e244
fc210a0266990fef6e2191eef404631fc20203bb378a8a2e800dc7bd05cb2ca1
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
feeae3c9f726f2775030a6e50b07f1e76921697018fb95b261f13e14d7408a9d

www.loloestrin.com Open in urlscan Pro 18.66.248.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

87 %HTTPS

11 %IPv6

41 Domains

55 Subdomains

46 IPs

6 Countries

4079 kBTransfer

13958 kBSize

59 Cookies

11 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.loloestrin.com Open in urlscan Pro
18.66.248.93 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

87 %
HTTPS

11 %
IPv6

41
Domains

55
Subdomains

46
IPs

6
Countries

4079 kB
Transfer

13958 kB
Size

59
Cookies

186 HTTP transactions
3 data transactions