www.buyhvnsleep.com Open in urlscan Pro
2600:9000:2359:a800:10:781f:db40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick2.com/ls/click?upn=yuyDycS1OrrAj3fl22OC-2BvqJnqPEY306xDPiLb2ZoQUJOBDiboygq32YryLrMupvPwlkfA4mdiG9lTFv4...
Effective URL:
https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_O...
Submission: On February 13 via manual (February 13th 2024, 1:27:56 pm UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 48 domains to perform 149 HTTP transactions. The main IP is 2600:9000:2359:a800:10:781f:db40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.buyhvnsleep.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 12th 2023. Valid for: a year.

This is the only time www.buyhvnsleep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:225... 2600:9000:2251:a800:15:1199:2d80:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2600:9000:235... 2600:9000:2359:a800:10:781f:db40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:6a00:18:d154:1680:21	16509 (AMAZON-02) (AMAZON-02)
6	40.64.128.231 40.64.128.231	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::62 2620:1ec:bdf::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	52.183.82.125 52.183.82.125	() ()
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.218.235.88 52.218.235.88	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:72d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	35.157.153.226 35.157.153.226	16509 (AMAZON-02) (AMAZON-02)
3	64.74.236.223 64.74.236.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2600:9000:264... 2600:9000:2644:9400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:4950:969e:f5eb:f7a7	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	81.17.55.173 81.17.55.173	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.67 23.48.23.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.74.195.22 54.74.195.22	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	63.33.84.84 63.33.84.84	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.59.154 52.28.59.154	16509 (AMAZON-02) (AMAZON-02)
1	52.27.218.113 52.27.218.113	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.194.51.83 18.194.51.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:fd61:1a55:4e4a:dab1	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.49.220.129 52.49.220.129	16509 (AMAZON-02) (AMAZON-02)
1	54.93.131.135 54.93.131.135	16509 (AMAZON-02) (AMAZON-02)
1	54.194.187.215 54.194.187.215	16509 (AMAZON-02) (AMAZON-02)
149	57

1 2600:9000:2251:a800:15:1199:2d80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:2359:a800:10:781f:db40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.buyhvnsleep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ctrwow-commonstorage.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6a00:18:d154:1680:21 (United States)

ASN16509 (AMAZON-02, US)

d16hdrba6dusey.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.64.128.231 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

salessupport.tryemanagecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.183.82.125 (United States)

ASN- ()

ctrwow-prod-heatmapapi-microservice.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ctrwow-prod-fingerprint-microservice.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.235.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:72d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.153.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-153-226.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:9400:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:4950:969e:f5eb:f7a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.173 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-67.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.195.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-195-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.84.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-84-84.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.59.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-59-154.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.218.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-218-113.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.51.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-51-83.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:fd61:1a55:4e4a:dab1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.220.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-220-129.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.131.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-131-135.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.187.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-187-215.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	buyhvnsleep.com www.buyhvnsleep.com	16 MB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4093 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029 sslwidget.criteo.com — Cisco Umbrella Rank: 2370 widget.us.criteo.com — Cisco Umbrella Rank: 19321 dis.criteo.com — Cisco Umbrella Rank: 598	34 KB
9	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258	7 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6562	1 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2720 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	43 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	648 KB
7	azureedge.net ctrwow-commonstorage.azureedge.net	46 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 704 c.clarity.ms — Cisco Umbrella Rank: 1313 e.clarity.ms — Cisco Umbrella Rank: 16512	28 KB
6	tryemanagecrm.com salessupport.tryemanagecrm.com	1 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1156 trc.taboola.com — Cisco Umbrella Rank: 650 sync-t1.taboola.com — Cisco Umbrella Rank: 1747 trc-events.taboola.com — Cisco Umbrella Rank: 2279	24 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2849 tr.outbrain.com — Cisco Umbrella Rank: 2734 wave.outbrain.com — Cisco Umbrella Rank: 2832 sync.outbrain.com — Cisco Umbrella Rank: 839	9 KB
5	azurewebsites.net ctrwow-prod-heatmapapi-microservice.azurewebsites.net ctrwow-prod-fingerprint-microservice.azurewebsites.net	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2871	9 KB
4	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 248 bat.bing.com — Cisco Umbrella Rank: 363	14 KB
4	gstatic.com fonts.gstatic.com	117 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	3 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1800	1 KB
2	adroll.com s.adroll.com — Cisco Umbrella Rank: 3380 d.adroll.com — Cisco Umbrella Rank: 1474	27 KB
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 24440 p1.zemanta.com — Cisco Umbrella Rank: 16891	4 KB
2	cloudfront.net d16hdrba6dusey.cloudfront.net	28 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 946	44 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2245	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3062	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4345	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33796	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2771	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 505	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 912	225 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1128	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1425	877 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10064	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 703	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 419	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 711	341 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1131	163 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 693	315 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2777	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 662	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 712	809 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 368	235 B
1	amazonaws.com s3-us-west-2.amazonaws.com
1	klclick2.com 1 redirects trk.klclick2.com — Cisco Umbrella Rank: 28831	537 B
0	Failed function sub() { [native code] }. Failed
149	48

	Domain	Requested by
22	www.buyhvnsleep.com	www.buyhvnsleep.com
8	www.google.de
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	www.googletagmanager.com	www.buyhvnsleep.com www.googletagmanager.com www.google-analytics.com
7	ctrwow-commonstorage.azureedge.net	www.buyhvnsleep.com
7	fonts.googleapis.com	www.buyhvnsleep.com
6	salessupport.tryemanagecrm.com	www.buyhvnsleep.com d16hdrba6dusey.cloudfront.net
5	www.google.com
5	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	tags.srv.stackadapt.com	www.buyhvnsleep.com tags.srv.stackadapt.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects
3	bat.bing.com	www.buyhvnsleep.com bat.bing.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	region1.analytics.google.com	www.googletagmanager.com
3	ctrwow-prod-heatmapapi-microservice.azurewebsites.net	www.buyhvnsleep.com
2	trc-events.taboola.com	cdn.taboola.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	dis.criteo.com
2	ctrwow-prod-fingerprint-microservice.azurewebsites.net	d16hdrba6dusey.cloudfront.net
2	tr.outbrain.com	amplify.outbrain.com
2	e.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	www.buyhvnsleep.com www.clarity.ms
2	d16hdrba6dusey.cloudfront.net	www.buyhvnsleep.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	d.adroll.com	s.adroll.com
1	trc.taboola.com	cdn.taboola.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	s.adroll.com	www.buyhvnsleep.com
1	p1.zemanta.com
1	wave.outbrain.com	amplify.outbrain.com
1	cdn.taboola.com	www.googletagmanager.com
1	js-tag.zemanta.com	www.buyhvnsleep.com
1	s3-us-west-2.amazonaws.com	www.buyhvnsleep.com
1	amplify.outbrain.com	www.buyhvnsleep.com
1	dynamic.criteo.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	trk.klclick2.com	1 redirects
0	truncated Failed
149	68

This site contains links to these domains. Also see Links.

Domain
www.ctrwow.com
www.kainero.com
www.dmca.com

Subject Issuer	Validity	Valid
buyhvnsleep.com Amazon RSA 2048 M02	`2023-06-12` - `2024-07-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 07	`2024-01-12` - `2025-01-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
salessupport.tryemanagecrm.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-11-29` - `2024-05-29`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2024-01-25` - `2024-06-27`	5 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Frame ID: 6F7C874E725596AE562C0A46BC2FA237
Requests: 121 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.buyhvnsleep.com&origin=onetag
Frame ID: 7901EDAF93F53C37FC611903D0D153ED
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_gid=CAESEF00dnUwMza7UdQbVBG0gwc&google_cver=1&google_ula=913071,0
Frame ID: 8762FAB522B23512E466EB905ACC4E89
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discover The NEW Thermo-Gel Mask That, Relieves Stress And Headache Pain In Seconds

Page URL History Show full URLs

https://trk.klclick2.com/ls/click?upn=yuyDycS1OrrAj3fl22OC-2BvqJnqPEY306xDPiLb2ZoQUJOBDiboygq32YryLrM... HTTP 302
https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_I... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

95 %
HTTPS

36 %
IPv6

48
Domains

68
Subdomains

57
IPs

7
Countries

17244 kB
Transfer

19476 kB
Size

59
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ctrwow.com/?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ctr_cssid=4c92f6546da541ad81919b569b5c9983&ctr_io=2&ctr_ppid=6584d180c02c7010c09fc3f4&ctr_psid=65850047c02c7010c09fc3e9&ctr_ppu=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html
Title: CTRwow.com

Search URL Search Domain Scan URL

URL: https://www.kainero.com/?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ctr_cssid=4c92f6546da541ad81919b569b5c9983&ctr_io=2&ctr_ppid=6584d180c02c7010c09fc3f4&ctr_psid=65850047c02c7010c09fc3e9&ctr_ppu=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html
Title: Kainero

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ef1fadd9-e577-4b7f-ac63-515756019c06&refurl=https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html&ctr_cssid=4c92f6546da541ad81919b569b5c9983&ctr_io=2&ctr_ppid=6584d180c02c7010c09fc3f4&ctr_psid=65850047c02c7010c09fc3e9&ctr_ppu=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick2.com/ls/click?upn=yuyDycS1OrrAj3fl22OC-2BvqJnqPEY306xDPiLb2ZoQUJOBDiboygq32YryLrMupvPwlkfA4mdiG9lTFv4u7I0f5dNH9zCAM2-2BxWaxdfeAf-2FBkQuVzOPOGkHJ03QappsZbMuOFmBH4ivY6VaFgwCCwHRavdmb7pnQDfweX-2F75IQcFAsayqUKI-2FWgBCvIL0ItlA43BW4jvyNW00evwKA3TndNdCUkbnx9TqSUGbGxb-2FOVQ9-2BoIcAE6eZAgdmfRzPBmPARg3IdF5DGK5VCQubCJ8pK2db7OB2zmpzNI9mbljmUpX-2FrfvHoNAodT2fDvbAN2l3Kq3GR42As12L1-2BnWj1LO1W1hmt-2BKjBZWA99BjcT2W77-2Fmgu90XJ6fTJptAR03rO-2FQOT-2FXUuCDAJJWwTM9CmdkaBxJLicl8ijL0yFORpXibLY-2BeH4fT2wnoQCfwUNUvm-2FEv7cQ61Kr2aKcz1ucaNhsBQTLRbhTPl2QzVeYybEK1pR5eZ8oVJDuoheRbe2Bb1cl1_kfZ8cLppmcXDuIHKWdMrLNGJfZkKCdEJM0EXY1OuYXG56gyGBm-2F9-2FKFQOYmAfUL-2BlE3mfdWjYvxDz8Xp-2F-2BWESKH4vELu8EwIE2r43-2FksqffrC8Rk82uoqoRKdPlmUD4MLUJ1chBBYOOOMA3swhPAweyjtVeLsg7VMxH5RBqadSW4tN-2BqMJpm4k5-2F026vKzAehRhpoTjCd80tQaHQ7GSW8t2bsJgoMfUVHEaor1vkEXn9yez-2Fr8lQ5XFGuRT4WBMYLcJm8k2MhX2C1srKiXiJjtGqfPki1RGLavWcq2bVTOcnpFKVjZiDr8OjFEBFGNil0YS-2FJl4gXeZv8q2zvTvU-2B0agC7q1RxXpJNQgxMascqLED6RrkTghPTI23RCeFUqCSYqkXUaAVxsVjSm2T9wd4W-2FO-2BbUHwAEbm-2BI-2BL474BNNehW9gKSHmfCiAWZIWkdCmQM2nnrST23rOwrO4lDDjfw-3D-3D HTTP 302
https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&RedC=c.clarity.ms&MXFR=16490473B22561933E0C1057B6256FCB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&MUID=0FAE92A32D386462081C86872C386572

Request Chain 78

https://gum.criteo.com/sid/json?origin=onetag&domain=buyhvnsleep.com&sn=ChromeSyncframe&so=0&topUrl=www.buyhvnsleep.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WiEhbHx5Q0VOdzNlcXdyeXRNVjUwOHBhQWJsOHg4Z3V2T0kxakhzWkpQTzBnc0xsSDl0cUtMaTdUSm9HOWhpZjJ2NFdSWnFrMUl3bUhldWtZY2hDdytBYkxLa3VhWDdmdzViTkFldU12R2UvQmt1WmpBVzREdjlEZXhPd2pBQWd4YlkvbXBTeFpYWkhBbWYwck1Cc1NNRGhOU0hkd1dlNGc4dm8zWDlxTE1EYTdWM01CZ2ViK2xQRFdJeDg3WDd5YkVMZFpFVFMzRHZXNmJKQk5JRGZDbWIxQVMwM0s2NXZoaDJpZ3lqajB2dHR6Q05UQllqUnNhbzR0WTIwTVhVL1ZRVnpDRmM4R25KcDlCemsyUWNIVTdQS0E2Qkttd1hXTHRGbFVIdUpiMDMrVTBJVT18&cppv=2

Request Chain 98

https://sslwidget.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5a1ZWWDNWMGQlMkIxWTg2cmIxTG1oZnd4U0VIdm5lWTlCUGZiNTZFTGN5JTJCNGxnQWNCQmJsS3FlNDhkR3dDVU1kOUJGc1FqN1ljNjJwWjlXVFJMTkhsSkslMkI4dXlMd1klMkZrMGd0NE9LMVJQMDNodDBVZG8lMkJrVWclM0QlM0Q&tld=buyhvnsleep.com&dy=1&fu=https%253A%252F%252Fwww.buyhvnsleep.com%252Frelaxationmask%252Fen%252Fpre-1.html%253Frm%253D1%2526Affid%253D7214%2526s1%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526guid%253D%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526utm_id%253D01HP1ARMVABY867N0D0XV0FZPT%2526_kx%253DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ceid=15729594-818d-492a-a81b-c07201cb1051&dtycbr=33524 HTTP 302
https://widget.us.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5a1ZWWDNWMGQlMkIxWTg2cmIxTG1oZnd4U0VIdm5lWTlCUGZiNTZFTGN5JTJCNGxnQWNCQmJsS3FlNDhkR3dDVU1kOUJGc1FqN1ljNjJwWjlXVFJMTkhsSkslMkI4dXlMd1klMkZrMGd0NE9LMVJQMDNodDBVZG8lMkJrVWclM0QlM0Q&tld=buyhvnsleep.com&dy=1&fu=https%253A%252F%252Fwww.buyhvnsleep.com%252Frelaxationmask%252Fen%252Fpre-1.html%253Frm%253D1%2526Affid%253D7214%2526s1%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526guid%253D%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526utm_id%253D01HP1ARMVABY867N0D0XV0FZPT%2526_kx%253DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ceid=15729594-818d-492a-a81b-c07201cb1051&dtycbr=33524

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_cm&google_hm=ay1EdjkxcUZjbDVoSUNBLTF1LU1ha2hJWVhwMVV5Zkh0Ymx4RWxMQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_gid=CAESEF00dnUwMza7UdQbVBG0gwc&google_cver=1&google_ula=913071,0

Request Chain 121

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6934748767707941749

Request Chain 131

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg&C=1

Request Chain 132

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO

Request Chain 148

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mlapw3rrVm5h6WAzX2Jc3QGNA0Y-GleA

149 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pre-1.html Show response
www.buyhvnsleep.com/relaxationmask/en/
Redirect Chain

https://trk.klclick2.com/ls/click?upn=yuyDycS1OrrAj3fl22OC-2BvqJnqPEY306xDPiLb2ZoQUJOBDiboygq32YryLrMupvPwlkfA4mdiG9lTFv4u7I0f5dNH9zCAM2-2BxWaxdfeAf-2FBkQuVzOPOGkHJ03QappsZbMuOFmBH4ivY6VaFgwCCwHRav...
https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_cam...

88 KB
19 KB

466ms
397ms

Document
text/html

2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82d0f8800a0fbb5b58b7fbc7cf496e92f456699ede2c89015c3eab1ab05a0425

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 13 Feb 2024 13:27:51 GMT
etag: W/"db8bd8ab35c8a26f5fd0185530dcaa72"
last-modified: Mon, 25 Dec 2023 09:38:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
x-amz-cf-id: jJF9-ZvPn_vWb4IjBWaETp41al6yggQlEY5OCZINE_vbkcBUtYvZwg==
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront

Redirect headers

content-length: 415
content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 13:27:49 GMT
location: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
server: nginx
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id: _cvv5oEjXWZYaaXHOTAb_Gd8Y0aA-GThJXnlnGFEuLlvCRBzHJzaUg==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 175ms
65ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:51:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
795 B 177ms
67ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 11:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 169ms
59ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77e0f499e9c7ac8ec5bcb8b54c4a50e71af8cf78223b542313f36f68559d9cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:13:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
933 B 178ms
68ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,800,900,1000&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4c4305efb932e6cab1cc3dface7a57ebfea397bf4c18e16b2ded8bd49edf0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:27:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
766 B 172ms
63ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:39:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
795 B 171ms
62ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:26:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
774 B 208ms
98ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ed38573be07ce34577aa012b351dcb5eb834d3d6da0ec9a3b468f8be2f96118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 13:22:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:27:50 GMT

GET
H2 200 modernizr-custom.js Show response
ctrwow-commonstorage.azureedge.net/common/js/ 4 KB
2 KB 59ms
9ms Script
text/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-commonstorage.azureedge.net/common/js/modernizr-custom.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a34fefeaacfe1f612d64877d8b9cf5298c1096f90e25d3641ee99eb774200ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: br
last-modified: Wed, 28 Jul 2021 04:44:13 GMT
vary: Accept-Encoding
x-azure-ref: 20240213T132750Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uwpu
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 5622117a-a01e-0087-5c8b-557b10000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 64847108

GET
H2 200 jquery-3.4.1.min.js Show response
ctrwow-commonstorage.azureedge.net/common/js/ 86 KB
37 KB 59ms
9ms Script
text/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-commonstorage.azureedge.net/common/js/jquery-3.4.1.min.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 04:45:19 GMT
vary: Accept-Encoding
x-azure-ref: 20240213T132750Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uwpv
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 5621562d-a01e-0087-118a-557b10000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 64847108

GET
H2 200 blazy.min.js Show response
ctrwow-commonstorage.azureedge.net/common/js/ 5 KB
3 KB 60ms
9ms Script
text/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-commonstorage.azureedge.net/common/js/blazy.min.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:50 GMT
content-encoding: br
last-modified: Fri, 08 May 2020 03:57:15 GMT
vary: Accept-Encoding
x-azure-ref: 20240213T132750Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uwpw
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 562b1482-b01e-0032-4d63-5de802000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 64847108

GET
H2 200 ctrwowUtils-v3.0.0.min.js Show response
www.buyhvnsleep.com/relaxationmask/en/assets/js/ 44 KB
14 KB 11ms
11ms Script
text/javascript 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctrwowUtils-v3.0.0.min.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32bdd08725f282ec018eecc6b3c9946eda47ea30a822de54abb7482160c992c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
content-encoding: gzip
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: W/"c087033b98b8bc3223686ca3da792f85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: _XNbD41ap1qT0BRqnE0sXZT3zbmyqmP4XfLbK2wfA5cZk88kw_d3WA==

GET
H2 200 pre-1.css
www.buyhvnsleep.com/relaxationmask/en/assets/css/ 47 KB
10 KB 8ms
8ms Stylesheet
text/css 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/css/pre-1.css?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48a0ff6e2202ad6c8d5b36900606fdb2be0c83709039b6f4d066704c8f7c5b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
content-encoding: gzip
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 09:38:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52056
etag: W/"760afb5d07df5f12db151017029bb980"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: v22i18qNMHk3hVw-Ls323jP8Kxc4oNdeW3UPgfHCZaE7GTbJTGnINQ==

GET
H2 200 CTR_FP_TRACKING-v2.9.1.min.js Show response
www.buyhvnsleep.com/relaxationmask/en/assets/js/ 52 KB
15 KB 9ms
8ms Script
text/javascript 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/CTR_FP_TRACKING-v2.9.1.min.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c34c8e6b8eca5e0232001eeb9e02616d472f7b80c9453bfa3860b642b6b5224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
content-encoding: gzip
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: W/"749b7e7f66282b5746c325d3128e35cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: jFXNAcJaL3t6wycZqG9LwvwvwttFZ9Jxjzu_33TWRRjgXcQanTpNcg==

GET
H2 200 ctr_heatmap_tracking-v1.9.0.min.js Show response
www.buyhvnsleep.com/relaxationmask/en/assets/js/ 17 KB
6 KB 10ms
10ms Script
text/javascript 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctr_heatmap_tracking-v1.9.0.min.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6c19f81e220e9a923b2b70ccbd4a0d9c87ca67d7f49afb966995cb9658d3cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
content-encoding: gzip
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 09:38:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: W/"3032a918b09e3dfdc994b814b9d315ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 1z7dopuCvMQ958iwWffvqqCdehV2T3zUEb7aU4d4TohrkNarSSBxnA==

GET
H2 200 american-flag.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/e029d07a-a20f-49c0-8070-bd57e8c27c95/ 1018 B
1 KB 12ms
12ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/e029d07a-a20f-49c0-8070-bd57e8c27c95/american-flag.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d72a03c1531923968255be87a639a46e89b84e1cb86051dbf74939b954c3c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52056
etag: "c66047f1a5a07f50c79db6aba769d085"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 1018
x-amz-cf-id: 7E3uUKedhNUvCafo9EjcnVv0HbtDapYF8y7Qxg6JntPnjaNxtndhrw==

GET
H2 200 group-15-copy.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/c1d2acae-c8ee-4569-8274-65d4aa3a1810/ 2 KB
2 KB 8ms
7ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/c1d2acae-c8ee-4569-8274-65d4aa3a1810/group-15-copy.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12626da943592f914a8061b29603f39f6f8d6e6eda5d1b4d8fc44ddd6342fe3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52056
etag: "bf5806adcc50806f7c6a665680e8b851"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 2080
x-amz-cf-id: YdMi2iv6XNEID1NdP_o3xVJPAhcO5L511JQ_xBDodOy4uXniZVXvpw==

GET
H2 200 icon-angle-left.svg
ctrwow-commonstorage.azureedge.net/public-assets/ctr-widgets/ 238 B
743 B 16ms
16ms Image
image/svg+xml 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrwow-commonstorage.azureedge.net/public-assets/ctr-widgets/icon-angle-left.svg
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b7470ef645892e80c56a879d68ed092aa6b39ea4c32e8b1fa31e1ef9f357cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:50 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 64847108
content-length: 238
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 02:52:16 GMT
etag: 0x8D895A41CAAD037
x-azure-ref: 20240213T132750Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uwq4
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6878db54-401e-0019-141e-5e68ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 icon-angle-right.svg
ctrwow-commonstorage.azureedge.net/public-assets/ctr-widgets/ 235 B
740 B 16ms
15ms Image
image/svg+xml 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrwow-commonstorage.azureedge.net/public-assets/ctr-widgets/icon-angle-right.svg
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8fa554aa85c3b2abb063f9aa1dd2c6a3473b8461cd7726f4665a9561d468fa3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:50 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 64847108
content-length: 235
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 02:52:15 GMT
etag: 0x8D895A41C110C40
x-azure-ref: 20240213T132750Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uwq5
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1611f8f9-001e-0037-6c39-5e3ad9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 161ms
51ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buyhvnsleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 24398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 06:41:12 GMT

GET
H2 200 ico_stars2x.png
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/0a1a2463-323e-4782-a136-2a9105e9664c/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/0a1a2463-323e-4782-a136-2a9105e9664c/ico_stars2x.png?t=20230206T072632975
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33c7bdfeefe71f962fe908ae1465ca8c0f09f96b61d7fcd1a7997bcc958b7c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: "36e33ea8ecdbcd21d97930bfebf9ced1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 1821
x-amz-cf-id: mPcHAQhwoo1npx47ssy54Pu_SOHyosUtiUw2U6_HuCwM8OtdHFnL8w==

GET
H2 200 ico_stars2x.png
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/0a1a2463-323e-4782-a136-2a9105e9664c/ 2 KB
2 KB 9ms
9ms Image
image/png 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/0a1a2463-323e-4782-a136-2a9105e9664c/ico_stars2x.png?t=20230510T080902841
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33c7bdfeefe71f962fe908ae1465ca8c0f09f96b61d7fcd1a7997bcc958b7c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: "36e33ea8ecdbcd21d97930bfebf9ced1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 1821
x-amz-cf-id: 7273ys9O7bMReFSLjMCCMKghbih_hUgDsiwSleBVgjfq7ZRfnc3ASw==

GET
H2 200 4_5_star-2x.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/21bb3646-3d2c-420d-9aee-b9d1a71e4547/ 2 KB
2 KB 11ms
11ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/21bb3646-3d2c-420d-9aee-b9d1a71e4547/4_5_star-2x.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e2b8c763e657fed0d9b2c65f1e4f17ccca3744d4d0a4e6aae54752c69254e23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: "db9167d426ff1eaace5f11b1c03e4b3e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 2020
x-amz-cf-id: Dsv_cWN-A-g7IYrq17-hhpDQF63m4X1LlTaVbhyW_9FwxMeWRLzahQ==

GET
H2 200 avd5f611c08d803886a54-1-.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/9d532e88-09c9-4120-91c9-d81cdf42e6bf/ 2 KB
2 KB 10ms
10ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/9d532e88-09c9-4120-91c9-d81cdf42e6bf/avd5f611c08d803886a54-1-.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d177012c8305d48959aa5474d93fee2ebe172da133fa6a99c74c10252933b076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: "876f2eb1b645577ee21abaea991ab378"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 1698
x-amz-cf-id: 9MinzJ7iaUylhpHL4-1mXEnWr_eagGC9bLOVkervo05HyoEeZQAN7Q==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e4b76c9cfe5991a9306599b42781fed27904951bc8ec1c080740b44b33eda4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bar-1-.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/4814355f-3635-481d-bf4f-7d71d45fd6b3/ 1 KB
2 KB 9ms
8ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/4814355f-3635-481d-bf4f-7d71d45fd6b3/bar-1-.webp?t=20231211T101343027
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/css/pre-1.css?v=1703497080299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27a340dfd1cde40899f76b2d09c199b7a4ed43ec71f054fdd00cfb3d6bfe99a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/assets/css/pre-1.css?v=1703497080299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:17 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:27:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52054
etag: "2015cad3ae0288d73f6ad8baf02646d5"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 1228
x-amz-cf-id: 6ygOYKtH07yAgAYtT_xa3MyTwpT3SxkLAh2VXdu4HcrDPoTdKewspw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 125ms
109ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buyhvnsleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:58:38 GMT
x-content-type-options: nosniff
age: 16152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:58:38 GMT

GET
H2 200 blueshift_wow_v1.js Show response
d16hdrba6dusey.cloudfront.net/sitecommon/js/components/ 46 KB
13 KB 466ms
431ms Script
application/javascript 2600:9000:2057:6a00:18:d154:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v1.js?v=1
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6a00:18:d154:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e21d134e89de1d7a4192a0e7f89bae823e3a5bcac0ed974996413717c16b173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: gzip
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 16:25:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
etag: W/"5be31bec71aa5a3ff517ce37b62ac846"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: osAOSfH8hvcJV-RAL7oUgo6Kl1GzbSaqV5k2XvP_F_JqdMcnIRnn1g==

GET
H2 200 pre-1.js Show response
www.buyhvnsleep.com/relaxationmask/en/assets/js/ 19 KB
6 KB 7ms
7ms Script
text/javascript 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/pre-1.js?v=1703497080299
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da8b5e5363d5097920f436e0997a4b77f46addefec95bb579e7e59d125f4621d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:15 GMT
content-encoding: gzip
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 09:38:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52055
etag: W/"4e81f1ea069f8a5a228471363d73a066"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: opCy4WSsXuEuEytU0e0djhfmhKiwePdX99pU9jjrRPcFf-juuv04Tg==

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 152ms
152ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buyhvnsleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:50:28 GMT
x-content-type-options: nosniff
age: 16642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:50:28 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 9 KB
9 KB 171ms
171ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.buyhvnsleep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:35:13 GMT
x-content-type-options: nosniff
age: 71557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Feb 2025 17:35:13 GMT

OPTIONS
H/1.1 204
No Content location
salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/ Frame 0
0 703ms
160ms Preflight 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/location
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x_cid
Access-Control-Request-Method: GET
Origin: https://www.buyhvnsleep.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x_cid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:51 GMT
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734
Server: Kestrel

OPTIONS
H/1.1 204
No Content location
salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/ Frame 0
0 722ms
176ms Preflight 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/location
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x_cid
Access-Control-Request-Method: GET
Origin: https://www.buyhvnsleep.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x_cid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:51 GMT
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734
Server: Kestrel

GET
H/1.1 200
OK location Show response
salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/ 172 B
431 B 283ms
264ms Fetch
application/json 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/location
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctrwowUtils-v3.0.0.min.js?v=1703497080299
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fb78729ca9be439d0424ac1f9295fd573ed36a292982959bb743b26894512a21

Request headers

Referer: https://www.buyhvnsleep.com/
X_CID: 584ea331-0cd2-4c48-85d9-737f9dddfa0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:51 GMT
Content-Type: application/json; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734

GET
H/1.1 200
OK location Show response
salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/ 172 B
431 B 321ms
179ms Fetch
application/json 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/campaigns/E372350F-7EE3-4E40-9B54-296118F843DB/customers/location
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctrwowUtils-v3.0.0.min.js?v=1703497080299
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fb78729ca9be439d0424ac1f9295fd573ed36a292982959bb743b26894512a21

Request headers

Referer: https://www.buyhvnsleep.com/
X_CID: 584ea331-0cd2-4c48-85d9-737f9dddfa0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:51 GMT
Content-Type: application/json; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
100 KB 199ms
81ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ

Requested by

Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/pre-1.js?v=1703497080299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfcc499c4bb615325acd59819ea683a741c12153f8ec906cd79ee9b772b94b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102143
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Feb 2024 13:27:51 GMT

GET
H2 200 700x380.gif
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/fcd82f9a-a2c2-41c9-871c-3f4d42a8f2c7/ 3 MB
3 MB 9ms
8ms Image
image/gif 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/fcd82f9a-a2c2-41c9-871c-3f4d42a8f2c7/700x380.gif?t=20231222T082708003
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19ad4c8c98a1f908eba99a6cfa03a542c5092d84c967782857532fcfb18be5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:19 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52053
etag: "cdb062f89037dd74097dabb6a772521b"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
content-length: 3535019
x-amz-cf-id: zFISo2sT-pIUNDPSy1koR520LPijoBCq-YCSjGd_HnDg4je_lkQaFA==

GET
H2 200 700x400-2.gif
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/eab6ce20-3381-49ea-938d-877a0e7bdb83/ 2 MB
2 MB 37ms
36ms Image
image/gif 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/eab6ce20-3381-49ea-938d-877a0e7bdb83/700x400-2.gif?t=20231222T040031324
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d7215e66f358f719c5d4f2672e933cdd6a56e915ad75cc51b9897392ab8a863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:19 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52053
etag: "30cc08d5200dc8bf66562e5a1011989b"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
content-length: 1827865
x-amz-cf-id: mIlgQryLB72YCwZ_hZSp6ARJQTSR2rbZk1qbql7qdoPaw5mnYiFwuA==

GET
H2 200 avatar.jpg
ctrwow-commonstorage.azureedge.net/public-assets/images/ 938 B
1 KB 23ms
23ms Image
image/jpeg 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrwow-commonstorage.azureedge.net/public-assets/images/avatar.jpg
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ba0cbd39549226ac049eb60113c7764d6b30440405f8af452080e4f26d7f4b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:51 GMT
x-cache: TCP_REMOTE_HIT
x-fd-int-roxy-purgeid: 64847108
content-length: 938
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 08:28:33 GMT
etag: 0x8D8766477172485
x-azure-ref: 20240213T132751Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uws6
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e3b09b62-001e-007a-046d-5ef535000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 5_stars.png
ctrwow-commonstorage.azureedge.net/public-assets/images/ 972 B
1 KB 30ms
30ms Image
image/png 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrwow-commonstorage.azureedge.net/public-assets/images/5_stars.png
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 26a358d5c121671b6eaaec4807b0c84420d80dc524ee5909d9e9d143f0733be4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Feb 2024 13:27:51 GMT
x-cache: TCP_REMOTE_HIT
x-fd-int-roxy-purgeid: 64847108
content-length: 972
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 08:28:33 GMT
etag: 0x8D87664771639F2
x-azure-ref: 20240213T132751Z-1mmh9gftmt41f4mca2aavka52n00000002gg00000000uws7
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9689a153-b01e-0050-6f6f-5e2a25000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 icon-flag.png
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/482129e8-f2e2-49df-acce-2c25577ffa9e/ 3 KB
4 KB 16ms
16ms Image
image/png 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/482129e8-f2e2-49df-acce-2c25577ffa9e/icon-flag.png?t=20230215T03163753
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: beb4a29e6a1f836bb4d511a80e8cdc6f7c2f939b68f5cdd8b4cab8d7762fc518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:19 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52053
etag: "00afdd4365ebe26a70970ee7021ced2a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 3285
x-amz-cf-id: -z9iq3xOFh1Jau7rbUVYD3rX9dAfrSi37umK8U5Z4mLdMogyjPpOAA==

GET
H2 200 att.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/b0589213-dd8d-43e6-871d-21006f417432/ 896 B
1 KB 36ms
35ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/b0589213-dd8d-43e6-871d-21006f417432/att.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6993ed88be412edbc0a5171db01e19687dd091d389ebc108ae31955b6b718758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:19 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52053
etag: "8a6188267393395a87953d64beea4f0b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 896
x-amz-cf-id: bid145BvrMFintRjUPyKW8lMUA6GN1Ran8EcNbhlT-RQzcBL1JSKQg==

GET
H2 200 badge.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/e6a448ad-2b04-4fae-ac8e-3fc7741f2d78/ 5 KB
5 KB 392ms
392ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/e6a448ad-2b04-4fae-ac8e-3fc7741f2d78/badge.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e62befaed82e1652ec89f6249cfae388dcb46ec06d73639330856ad414b8f6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
etag: "4a61febe1db75326848af00a4d757b0b"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 5058
x-amz-cf-id: OkhAikjBry-ldpqS8lzdMZTtZf5CwKSJfVc9BTwlNTPe-1YKu__s7Q==

GET
H2 200 bitmap.png.webp
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/1e799bdd-459d-4575-9e33-e93073a7d251/ 10 KB
11 KB 36ms
35ms Image
image/webp 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/1e799bdd-459d-4575-9e33-e93073a7d251/bitmap.png.webp
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30ad0a82b031eccca3e41c314eca3b74b4d474ff529764fa1ac9334a46d12cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:18 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:26:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52053
etag: "3cce6a38e55c996e3fa38eddac51936b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 10696
x-amz-cf-id: y3Z_Rscc6u41Op8F7XPlcAmiQzvSmJlIYlgU4HcKC9dbLZtePmDpww==

GET
H2 200 ecqx4egfsd Show response
www.clarity.ms/tag/ 650 B
1014 B 122ms
99ms Script
application/x-javascript 2620:1ec:bdf::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 496ad16213f26d020b2ff8c34ec5da65e78dd96f2be6e1199f65409c041c8cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: -1
date: Tue, 13 Feb 2024 13:27:51 GMT
x-azure-ref: 20240213T132751Z-7swt7yxyd16avf54kc2t529v6n0000000h60000000004pfk
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240213T132751Z-7swt7yxyd16avf54kc2t529v6n0000000h60000000004pg1
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 53bd29fa-901e-0009-7069-576b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

OPTIONS
H/1.1 204
No Content settings
salessupport.tryemanagecrm.com/api/clients/ Frame 0
0 325ms
159ms Preflight 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/clients/settings
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x_cid
Access-Control-Request-Method: GET
Origin: https://www.buyhvnsleep.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Headers: x_cid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:51 GMT
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734
Server: Kestrel

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 628 KB
129 KB 132ms
131ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

870281d0ff0d7e95ac21f5926db670dc20228fd775b44b6965ac5406b1c588d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132176
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Feb 2024 13:27:51 GMT

GET
H/1.1 200
OK canTrack Show response
ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/ 4 B
348 B 1103ms
591ms Fetch
application/json 52.183.82.125

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/canTrack?sessionId=ctr_hm_ssid_1b175cf5-be0f-4eb4-967b-3c4102c69a92&siteId=65850047c02c7010c09fc3e9&pageId=6584d180c02c7010c09fc3f4&actionType=1&deviceType=3&v=2
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctr_heatmap_tracking-v1.9.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.183.82.125 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK canTrack Show response
ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/ 4 B
348 B 1167ms
649ms Fetch
application/json 52.183.82.125

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/canTrack?sessionId=ctr_hm_ssid_1b175cf5-be0f-4eb4-967b-3c4102c69a92&siteId=65850047c02c7010c09fc3e9&pageId=6584d180c02c7010c09fc3f4&actionType=2&deviceType=3&v=2
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctr_heatmap_tracking-v1.9.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.183.82.125 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK canTrack Show response
ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/ 4 B
343 B 1112ms
601ms Fetch
application/json 52.183.82.125

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-heatmapapi-microservice.azurewebsites.net/api/canTrack?sessionId=ctr_hm_ssid_1b175cf5-be0f-4eb4-967b-3c4102c69a92&siteId=65850047c02c7010c09fc3e9&pageId=6584d180c02c7010c09fc3f4&actionType=3&deviceType=3&v=2
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/ctr_heatmap_tracking-v1.9.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.183.82.125 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK settings Show response
salessupport.tryemanagecrm.com/api/clients/ 17 B
276 B 288ms
163ms Fetch
application/json 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/clients/settings
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v1.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3178cccfc4bf1f0b0aa129a97af37f2f993dd171c10e26361c0072df46085cf8

Request headers

Referer: https://www.buyhvnsleep.com/
X_CID: 584ea331-0cd2-4c48-85d9-737f9dddfa0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Type: application/json; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734

GET truncated
/ 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&RedC=c.clarity.ms&MXFR=16490473B22561933E0C1057B6256FCB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&MUID=0FAE92A32D386462081C86872C386572

42 B
442 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&MUID=0FAE92A32D386462081C86872C386572
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:50 GMT
last-modified: Fri, 09 Feb 2024 19:55:32 GMT
server: Microsoft-IIS/10.0
etag: "2155d7f0915bda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6941AE0832DE4B77BD8903A2E4DF792D Ref B: FRAEDGE1912 Ref C: 2024-02-13T13:27:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=63605D0538CB4B9EA88A2D3C5A4BC2FB&MUID=0FAE92A32D386462081C86872C386572
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 slide-3.gif
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/3732438b-4007-447a-a8e9-a3f7a09ea16e/ 3 MB
3 MB 9ms
8ms Image
image/gif 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/3732438b-4007-447a-a8e9-a3f7a09ea16e/slide-3.gif?t=20231222T040119192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 603921daa8429050a65d44dd4917f9f989591483b32b886027c0aff629995cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:27 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52045
etag: "cece89394254adf081639d12711d5445"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
content-length: 2801467
x-amz-cf-id: hy89V-o7e1ONX59uRSizdNCbob3Sl9TWIJty2FGBdUtAx5JdBIjllQ==

GET
H2 200 slide-4.gif
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/a7ab8c20-6432-4493-b7da-d286e98a22e4/ 5 MB
5 MB 11ms
10ms Image
image/gif 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/a7ab8c20-6432-4493-b7da-d286e98a22e4/slide-4.gif?t=20231222T040141114
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fd619e6856513a7bc58ef35857636383c1370748c891fa9bf9cc92e9868803a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:36 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52036
etag: "1a19c7f9115022da974a3f639b57b58c"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
content-length: 5101598
x-amz-cf-id: wdYWuMu7a_U7_RaBf71yjpZP6f16pWErscjHW3fiflSvDw0DCSMeHg==

GET
H2 200 360.gif
www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/f40f8a6e-e3d0-4fd3-8cb9-eb51a4dd5048/ 3 MB
3 MB 15ms
15ms Image
image/gif 2600:9000:2359:a800:10:781f:db40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/65850047c02c7010c09fc3e9/f40f8a6e-e3d0-4fd3-8cb9-eb51a4dd5048/360.gif?t=20231222T061019992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:a800:10:781f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41ef8bb96859ff16dee893b96baac265a68f02700db7bd817169e97373f17d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:00:27 GMT
via: 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 09:25:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 52045
etag: "cbc852fbfa06a34922a71d52d8aac9bf"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
content-length: 3183531
x-amz-cf-id: XafhBVccX8RIN5lZu3MAYgducuLXs0u2JAFM0kvp94upj3KEbhrsbA==

GET
H2 200 ctrwow_analytics.v3.pro.min.js Show response
d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ 42 KB
16 KB 430ms
429ms Script
application/javascript 2600:9000:2057:6a00:18:d154:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/assets/js/CTR_FP_TRACKING-v2.9.1.min.js?v=1703497080299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6a00:18:d154:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5e2573d899dae45986c63bf1f8aa164ad2eeb2737ab84dae1999e777d3859c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: gzip
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 08:39:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
etag: W/"b3f370ee7e0449a09eac8b3d80b621e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: OroMsYgRTH73ir5nKb3VXjRaGxt7S3KZXmseryB-xPsdnt0TmG20DA==

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
299 B 388ms
190ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.buyhvnsleep.com
Date: Tue, 13 Feb 2024 13:27:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 114ms
114ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C62KZYZV02&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f12e17925a6daaa696e3bc3b63149e46dc8945a0adfe9614c53954328d72a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 13:27:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 92ms
92ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHDG36RZV6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a138db0bf838772a4018f8e5a312df76fbe565eb356a34953a88c66220949c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 13:27:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100889423-8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dc71b8200be4d9d60ed54514e1d8da3238cce592b409937dbffeae164667505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70856
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Feb 2024 13:27:51 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 52ms
17ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=94161

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bcf4b90aabfc6e5ceb608ffef92a079b00a0eb97e0ee5b5313087fe2e9129ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 32ms
8ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a97726c589e5815717fc54cdcb1dba2efeceb33bf6f414251ce9dc28211df7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 13:27:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2024 18:16:14 GMT
Server: AkamaiNetStorage
ETag: "59e631d50e9d0ff7ffbf3574ac29bad4:1707332481.569411"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7501
Expires: Tue, 13 Feb 2024 13:47:51 GMT

GET
H/1.1 403
Forbidden ge.js
s3-us-west-2.amazonaws.com/jsstore/a/V3VHJQZ/ 0
0 564ms
188ms Script
application/xml 52.218.235.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/V3VHJQZ/ge.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.235.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ 8 KB
3 KB 65ms
27ms Script
application/javascript 2606:4700:10::6816:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: GGEWXRYSWVHVWQ5Q
age: 1984
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 854d69451ee52bc1-FRA
x-amz-id-2: NB5cWilfF7mB2+gAIdDkBvwvVnudAMAep6S1cGhWlU8ISgkeHb9NR/8LHw9OSk+keKcIRmtOV1A=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 158ms
50ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 11:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5982
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Feb 2024 13:48:09 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1371373/ 69 KB
22 KB 388ms
368ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59e52718d1812ef0c9afa1cb3662c1faeff9f4275109b0835b54574fab42a3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: prvLqbgIGQqpNzb4Fyp.0zqvMqSwy4Sm
content-encoding: gzip
via: 1.1 varnish
date: Tue, 13 Feb 2024 13:27:52 GMT
x-amz-request-id: RWB3FQ83BRAFAN2N
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 21519
x-amz-id-2: XCiM7dh3VttQAaltyiG2jOspDruvTXslGdau4rCl+g0FDn/vPUnHvW+TcKotZgSIs1xdSPXA1P8=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 13 Feb 2024 11:35:04 GMT
server: AmazonS3
x-timer: S1707830872.841360,VS0,VE360
etag: "cef54dcbfc964a18da87b954b5e7bcc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 121ms
99ms Script
text/javascript 35.157.153.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.153.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-153-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a7c57ef03bd48938d9d44c242c7031b02aca8a598db266d61d805eb92bc246f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 13:27:51 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 509ms
166ms Ping
image/gif 64.74.236.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=01481573651640793&referrer=&cht=gtm&marketerId=007bbe6fb75e0c8a228c5f57aa0b6d715e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 13:27:52 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: f80b817e8794717fb48733e530bf686c
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 460ms
118ms Script
application/javascript 64.74.236.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=007bbe6fb75e0c8a228c5f57aa0b6d715e

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: cdabad504db082e2e8f1fa014ed6b8aa
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 007bbe6fb75e0c8a228c5f57aa0b6d715e Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 42ms
10ms Script
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/007bbe6fb75e0c8a228c5f57aa0b6d715e

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Tue, 13 Feb 2024 13:27:51 GMT
ob-sent-time: 1707817892512
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: ee452a2a7bf6b61d2477471dffd91204
Content-Length: 22
Expires: Tue, 13 Feb 2024 13:28:51 GMT

GET
H2 200 /
p1.zemanta.com/v2/p/js/59150/PAGE_VIEW/ 26 B
168 B 363ms
345ms Image
image/gif 2606:4700:10::6816:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.zemanta.com/v2/p/js/59150/PAGE_VIEW/?bust=05706424791112774&optOut=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
x-robots-tag: none
cf-ray: 854d69456f692bc1-FRA
content-length: 26

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/6RH4GNU4H5EEBJTOBMYFBN/ 88 KB
26 KB 601ms
585ms Script
text/javascript 2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/6RH4GNU4H5EEBJTOBMYFBN/roundtrip.js
Requested by: Host: www.buyhvnsleep.com
URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 984b5e7a0e02fd168d34f4d8a0792a613ec8f5213c079f8f57308e035d08a1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

X-Amz-Version-Id: FC9eep0LRJkwB3ukNljx0kmRgQz_alYp
Content-Encoding: gzip
Via: 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
Date: Tue, 13 Feb 2024 13:27:53 GMT
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 11:38:46 GMT
Server: AmazonS3
Etag: W/"fa6ec5b478db4d083bf6bd226c0c3e37"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: T7-6hlMk1IQnh1wsYaF3ZqrOT0tBriWqjgW-1HjBAIVnypOd1hIJ6Q==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7901 14 KB
6 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.buyhvnsleep.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buyhvnsleep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 13:27:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 464484
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7901
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=buyhvnsleep.com&sn=ChromeSyncframe&so=0&topUrl=www.buyhvnsleep.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=WiEhbHx5Q0VOdzNlcXdyeXRNVjUwOHBhQWJsOHg4Z3V2T0kxakhzWkpQTzBnc0xsSDl0cUtMaTdUSm9HOWhpZjJ2NFdSWnFrMUl3bUhldWtZY2hDdytBYkxLa3VhWDdmdzViTkFldU12R2UvQmt1WmpBVzREdjlEZXhPd2...

436 B
658 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WiEhbHx5Q0VOdzNlcXdyeXRNVjUwOHBhQWJsOHg4Z3V2T0kxakhzWkpQTzBnc0xsSDl0cUtMaTdUSm9HOWhpZjJ2NFdSWnFrMUl3bUhldWtZY2hDdytBYkxLa3VhWDdmdzViTkFldU12R2UvQmt1WmpBVzREdjlEZXhPd2pBQWd4YlkvbXBTeFpYWkhBbWYwck1Cc1NNRGhOU0hkd1dlNGc4dm8zWDlxTE1EYTdWM01CZ2ViK2xQRFdJeDg3WDd5YkVMZFpFVFMzRHZXNmJKQk5JRGZDbWIxQVMwM0s2NXZoaDJpZ3lqajB2dHR6Q05UQllqUnNhbzR0WTIwTVhVL1ZRVnpDRmM4R25KcDlCemsyUWNIVTdQS0E2Qkttd1hXTHRGbFVIdUpiMDMrVTBJVT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a3ef497a627dea93c9106c7abb8946a218dca4d5fde39adedcdcee0733661f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1243755
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WiEhbHx5Q0VOdzNlcXdyeXRNVjUwOHBhQWJsOHg4Z3V2T0kxakhzWkpQTzBnc0xsSDl0cUtMaTdUSm9HOWhpZjJ2NFdSWnFrMUl3bUhldWtZY2hDdytBYkxLa3VhWDdmdzViTkFldU12R2UvQmt1WmpBVzREdjlEZXhPd2pBQWd4YlkvbXBTeFpYWkhBbWYwck1Cc1NNRGhOU0hkd1dlNGc4dm8zWDlxTE1EYTdWM01CZ2ViK2xQRFdJeDg3WDd5YkVMZFpFVFMzRHZXNmJKQk5JRGZDbWIxQVMwM0s2NXZoaDJpZ3lqajB2dHR6Q05UQllqUnNhbzR0WTIwTVhVL1ZRVnpDRmM4R25KcDlCemsyUWNIVTdQS0E2Qkttd1hXTHRGbFVIdUpiMDMrVTBJVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260016
content-length: 0
expires: 0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 97ms
97ms Stylesheet
text/css 35.157.153.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.153.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-153-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1fa7c9d4bf82e27db8fedc6aca9626db45378330343fae98e03f3a417dc082b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 13:27:52 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 111ms
98ms Fetch
image/jpeg 35.157.153.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.153.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-153-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 13:27:52 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 12:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Feb 2024 13:59:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L0G2DZB0WQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100889423-8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d03c7683e6ded6eaf655e0ab858322a94ddcc9178d9144b7189d073b782242c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 13:27:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100889423-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 11:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5983
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Feb 2024 13:48:09 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 101ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHDG36RZV6&gtm=45je4270v876509292z877890127za200&_p=1707830871084&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=38488506.1707830872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707830872&sct=1&seg=0&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&en=page_view&_fv=1&_ss=1&tfd=2412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHDG36RZV6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 158ms
53ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHDG36RZV6&cid=38488506.1707830872&gtm=45je4270v876509292z877890127za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHDG36RZV6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 204ms
95ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZHDG36RZV6&cid=38488506.1707830872&gtm=45je4270v876509292z877890127za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1771769593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 88ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C62KZYZV02&gtm=45je4270v876509291z877890127za200&_p=1707830871084&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=38488506.1707830872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707830872&sct=1&seg=0&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&en=page_view&_fv=1&_ss=1&tfd=2427
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C62KZYZV02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 55ms
54ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C62KZYZV02&cid=38488506.1707830872&gtm=45je4270v876509291z877890127za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C62KZYZV02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 103ms
96ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C62KZYZV02&cid=38488506.1707830872&gtm=45je4270v876509291z877890127za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=695500327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 59ms
58ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1743445300&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ul=en-us&de=UTF-8&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EE%20Funnel&ea=Step%201&el=Presale&_u=aGBAAEALAAAAACAMI~&jid=1958442974&gjid=1222420522&cid=38488506.1707830872&tid=UA-100889423-8&_gid=2144960117.1707830872&_r=1&_slc=1&gtm=45He4270n81KGS7XT9v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cos=1&pa=checkout&z=1324789706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5329a0c48b6125dc3f078560db807f674494a9535c371a4d558c992662f066e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
59ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1743445300&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ul=en-us&de=UTF-8&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUALBAAAACAMI~&jid=24760072&gjid=1556961614&cid=38488506.1707830872&tid=UA-100889423-8&_gid=2144960117.1707830872&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1490109819

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
51ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1743445300&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ul=en-us&de=UTF-8&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAACAMI~&jid=&gjid=&cid=38488506.1707830872&tid=UA-100889423-8&_gid=2144960117.1707830872&gtm=45He4270n81KGS7XT9v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=473986283

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 09:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15844
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
290 B 99ms
99ms XHR
text/plain 35.157.153.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=frH6Zv-P4UO8hspB0TVBMw&is_js=true&landing_url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&t=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&tip=TU1IZUqj2cMF91GoYNsUeNtIIaW8Xh_AGiwKtf-coD8&host=https%3A%2F%2Fwww.buyhvnsleep.com&sa_conv_data_css_value=%270-ccab654c-28a0-5f8d-57dc-6f0903a7a810%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9ccab654c28a05f8d57dc6f0903a7a810b9d59ba6&sa-user-id-v3=s%253AAQAKIGgMcpJ3_M-DDlkKRDKdUaJpmVjXdUXPx_Z22sQsWzKiEHwYBCDX3K2uBjABOgRZmQvUQgS2dVdj.pmphufI90z9Y62JPWggiJrfyjk3Jcf1R6tarmrsZl%252Bk&sa-user-id-v2=s%253AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%252BO98&sa-user-id=s%253A0-ccab654c-28a0-5f8d-57dc-6f0903a7a810.C2dRO2xMvLyCExnB5Nc%252BJ4Icsg5poloolTUoGX0NHdg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.153.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-153-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: https://www.buyhvnsleep.com
date: Tue, 13 Feb 2024 13:27:52 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK CreateLogHttpTrigger
ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/ 0
359 B 829ms
326ms Ping
text/plain 52.183.82.125

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/CreateLogHttpTrigger?code=X52ZQaDTSiyjsN334TNPrE34ReCoFvTXh7l0v8fT2knldk1LpP1fYw==&trackingId=65850047c02c7010c09fc3e9
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.183.82.125 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10839183216/ 4 KB
2 KB 198ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10839183216/?random=1707830872230&cv=11&fst=1707830872230&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&hn=www.googleadservices.com&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&pscdl=noapi&auid=858997475.1707830871&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54254406349001f2ee37097f1eb0b48030bf579ab55f1bbb320f46d983cb2ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11213247482/ 4 KB
2 KB 185ms
90ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11213247482/?random=1707830872232&cv=11&fst=1707830872232&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&hn=www.googleadservices.com&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&pscdl=noapi&auid=858997475.1707830871&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b5986a28359128b09103bf9d41275a864ca6dd73e5e61845bc628c9228ec17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1555
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 13 Feb 2024 13:27:51 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AEAC38D119248D5A31F193D47C478E6 Ref B: FRAEDGE1912 Ref C: 2024-02-13T13:27:52Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5...
https://widget.us.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5...

10 KB
5 KB

305ms
109ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5a1ZWWDNWMGQlMkIxWTg2cmIxTG1oZnd4U0VIdm5lWTlCUGZiNTZFTGN5JTJCNGxnQWNCQmJsS3FlNDhkR3dDVU1kOUJGc1FqN1ljNjJwWjlXVFJMTkhsSkslMkI4dXlMd1klMkZrMGd0NE9LMVJQMDNodDBVZG8lMkJrVWclM0QlM0Q&tld=buyhvnsleep.com&dy=1&fu=https%253A%252F%252Fwww.buyhvnsleep.com%252Frelaxationmask%252Fen%252Fpre-1.html%253Frm%253D1%2526Affid%253D7214%2526s1%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526guid%253D%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526utm_id%253D01HP1ARMVABY867N0D0XV0FZPT%2526_kx%253DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ceid=15729594-818d-492a-a81b-c07201cb1051&dtycbr=33524

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7042d0a2fcc93a0c5122960d8edcc0c43f6b18ea40a48012b9e3943e99549c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13860673
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=94161&v=5.21.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5a1ZWWDNWMGQlMkIxWTg2cmIxTG1oZnd4U0VIdm5lWTlCUGZiNTZFTGN5JTJCNGxnQWNCQmJsS3FlNDhkR3dDVU1kOUJGc1FqN1ljNjJwWjlXVFJMTkhsSkslMkI4dXlMd1klMkZrMGd0NE9LMVJQMDNodDBVZG8lMkJrVWclM0QlM0Q&tld=buyhvnsleep.com&dy=1&fu=https%253A%252F%252Fwww.buyhvnsleep.com%252Frelaxationmask%252Fen%252Fpre-1.html%253Frm%253D1%2526Affid%253D7214%2526s1%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526guid%253D%2526utm_source%253DKlaviyo%2526utm_medium%253Dcampaign%2526utm_campaign%253DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%2526utm_id%253D01HP1ARMVABY867N0D0XV0FZPT%2526_kx%253DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ceid=15729594-818d-492a-a81b-c07201cb1051&dtycbr=33524
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11909604
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
51ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1743445300&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ul=en-us&de=UTF-8&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Based%20Events&ea=Presale&el=Offer%20&_u=aGDACUALBAAAACAMI~&jid=&gjid=&cid=38488506.1707830872&tid=UA-100889423-8&_gid=2144960117.1707830872&gtm=45He4270n81KGS7XT9v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=565430302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 09:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15844
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK CreateFunctionHttpTrigger
ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/ 0
359 B 746ms
266ms Ping
text/plain 52.183.82.125

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/CreateFunctionHttpTrigger?code=UaJqPA9RGvefKokk5Jt6CXObgyELuRwSLvpiGFZi6FtD//RXEBzcIg==&trackingId=65850047c02c7010c09fc3e9
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.183.82.125 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2024 13:27:52 GMT
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 53ms
53ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=1958442974&gjid=1222420522&_gid=2144960117.1707830872&_u=aGBAAEAKAAAAACAMI~&z=109577078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
86 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L0G2DZB0WQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fc4486a75e83ce4f62672ba1834ec875000253af2b5b35f4acb8e8176bdcec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 13:27:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 53ms
53ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=24760072&gjid=1556961614&_gid=2144960117.1707830872&_u=aGDACUALBAAAACAMI~&z=277082317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1371373/trc/3/ 2 KB
2 KB 39ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1371373/trc/3/json?tim=1707830872257&data=%7B%22id%22%3A443%2C%22ii%22%3A%22%2Frelaxationmask%2Fen%2Fpre-1.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1707830872254%2C%22cv%22%3A%2220240213-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddfo-globalperformance-chrisrohrer2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1707830872257%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ab66c735764efb78972b6f291bf809fe2cbea9e24a1100260deffef95f6a658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Tue, 13 Feb 2024 13:27:52 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3009375
x-fastly-to-nlb-rtt: 7403
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230110-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1707830872.325387,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 37ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L0G2DZB0WQ&gtm=45je4270v9126218040za200&_p=1707830871084&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=38488506.1707830872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707830872&sct=1&seg=0&dl=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&dt=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&en=page_view&_fv=1&_ss=1&tfd=2588
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0G2DZB0WQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 54ms
53ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L0G2DZB0WQ&cid=38488506.1707830872&gtm=45je4270v9126218040za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0G2DZB0WQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buyhvnsleep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L0G2DZB0WQ&cid=38488506.1707830872&gtm=45je4270v9126218040za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1033109168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27005394.js Show response
bat.bing.com/p/action/ 0
117 B 33ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27005394.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 13 Feb 2024 13:27:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B53483DB6BF4708B9E921F6FD662E58 Ref B: FRAEDGE1912 Ref C: 2024-02-13T13:27:52Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
280 B 81ms
80ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27005394&Ver=2&mid=51f99cdf-daca-4b8b-986e-1928dfe3932e&sid=b04dd6d0ca7311ee94f46b8861bccbad&vid=b04dd2f0ca7311ee86dcef7a070e13dc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That,%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&p=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&r=&lt=1923&evt=pageLoad&sv=1&rn=14931

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 13:27:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDBAB5C222F04DD49CF4988C39B70498 Ref B: FRAEDGE1912 Ref C: 2024-02-13T13:27:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 200ms
90ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=1958442974&_u=aGBAAEAKAAAAACAMI~&z=69958805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
84ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=1958442974&_u=aGBAAEAKAAAAACAMI~&z=69958805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 193ms
88ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=24760072&_u=aGDACUALBAAAACAMI~&z=1182174228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
84ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100889423-8&cid=38488506.1707830872&jid=24760072&_u=aGDACUALBAAAACAMI~&z=1182174228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10839183216/ 42 B
455 B 68ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10839183216/?random=1707830872230&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_I8GG-WTv6nPZmmAB0rxLdtiXSV6nLA&random=3894875585&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10839183216/ 42 B
108 B 64ms
63ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10839183216/?random=1707830872230&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_I8GG-WTv6nPZmmAB0rxLdtiXSV6nLA&random=3894875585&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11213247482/ 42 B
108 B 68ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11213247482/?random=1707830872232&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_llRshfU0ucMT5V4OI4zrJ9lUl9zZ9Q&random=828004163&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11213247482/ 42 B
154 B 62ms
62ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11213247482/?random=1707830872232&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_llRshfU0ucMT5V4OI4zrJ9lUl9zZ9Q&random=828004163&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6RH4GNU4H5EEBJTOBMYFBN Show response
d.adroll.com/consent/check/ 506 B
599 B 115ms
31ms Script
application/javascript 2a05:d018:cc3:fe05:4950:969e:f5eb:f7a7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6RH4GNU4H5EEBJTOBMYFBN?pv=80590055787.53136&arrfrr=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&_s=126e23db750908708af6106af4a5448c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/6RH4GNU4H5EEBJTOBMYFBN/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:4950:969e:f5eb:f7a7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: c8b141b9730b7cfd7c6f95b563d1fed9fa06132a3ca350b17addfb9d44d96280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
server: nginx/1.22.1
content-length: 506
content-type: application/javascript

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8762
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_cm&google_hm=ay1EdjkxcUZjbDVoSUNBLTF1LU1ha2hJWVhwMVV5Zkh0Y...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_gid=CAESEF00dnUwMza7UdQbVBG0gwc&google_cver=1&google_ula=913071,0

43 B
369 B

16ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_gid=CAESEF00dnUwMza7UdQbVBG0gwc&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 673337
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Dv91qFcl5hICA-1u-MakhIYXp1UyfHtblxElLA&google_gid=CAESEF00dnUwMza7UdQbVBG0gwc&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 8762 43 B
235 B 65ms
17ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-eGQNHVcl5hICA-1u-MakhIYXp1WHoEfC0pHa5g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 13:27:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8762
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6934748767707941749

43 B
370 B

17ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6934748767707941749

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1480243
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
an-x-request-uuid: eccb8bcd-b8e4-4e33-8279-ffcfb2b84d6e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6934748767707941749
x-proxy-origin: 185.213.155.166; 185.213.155.166; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 8762 53 B
809 B 72ms
37ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-VQ7QFVcl5hICA-1u-MakhIYXp1V21MU9ZjIOtA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Tue, 13 Feb 2024 13:27:52 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 8762 0
239 B 40ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XemdzVcl5hICA-1u-MakhIYXp1U_KOD4qzFkfw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8762 43 B
163 B 51ms
14ms Image
image/gif 81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-4rb_zFcl5hICA-1u-MakhIYXp1XpEwMF_lf4bg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8762 0
99 B 68ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-b0t0-Fcl5hICA-1u-MakhIYXp1Up1mlRzN6h3g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13233

GET
H2 200 um
criteo-sync.teads.tv/ Frame 8762 23 B
163 B 69ms
38ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-DnM_xlcl5hICA-1u-MakhIYXp1VHzCtxSAvUNQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Tue, 13 Feb 2024 13:27:52 GMT
pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 8762 37 B
140 B 30ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-o5LLRlcl5hICA-1u-MakhIYXp1VEgecKeX_nnw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 8762 52 B
315 B 147ms
111ms Image
image/gif 23.48.23.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k--4r9AFcl5hICA-1u-MakhIYXp1WNmKKL4suNdA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-67.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Tue, 13 Feb 2024 13:27:52 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 8762 43 B
163 B 83ms
23ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-9AVQyVcl5hICA-1u-MakhIYXp1XbRyOxDVL4Kg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 8762 49 B
341 B 63ms
16ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-V2Kd3lcl5hICA-1u-MakhIYXp1WfCaYWvMtzqg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 8762
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg&C=1

43 B
327 B

23ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg&C=1
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Es%2FKIHrDpP3DrAZ5dr6jgY3DXrpRxqG%2FwtkqAqYD7tIXZBUQr8E7VT50oJag2kg84UDUdTKIarqqAYQQSyuU5IeTc%2Bsc92h3%2FCJVeJX3mN2ia3rhkEFe%2BVnwgKUsmA4blFIQ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 854d694afc50bbd7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viPf%2Fl9z8jlYnVOZHpR9%2Fp%2Bk5r8wpZVP%2BOOmNAFjZg4DQa0uDwz6h1cLFh%2BpKPmbjWKurJSAeX9Iw5L23JAteLmEh4b0%2BiPxba57ny2HzPu0FHYgXQrd1oAnuuYmzhns0A07"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-Cf5-pVcl5hICA-1u-MakhIYXp1U_FjCRkYk4Gg&C=1
cache-control: no-cache
cf-ray: 854d694acc1fbbd7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 8762
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO

42 B
721 B

31ms
31ms

Image
image/gif

54.74.195.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO

Protocol

Server

54.74.195.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-74-195-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

dcs: dcscanary-prod-irl1-1-v067-0bdddab1a.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xCH0b6tDTBM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0000ed5b8.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: baU+A+ExT4A=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jajy44eoW3nqaQqcu0XX7JOajLHoRtDO
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 8762 43 B
1 KB 35ms
12ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-gH1_U1cl5hICA-1u-MakhIYXp1XGBwow0s4hSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 13 Feb 2024 13:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 8762 43 B
199 B 103ms
28ms Image
image/gif 63.33.84.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-uNol0lcl5hICA-1u-MakhIYXp1WaaFbaf64HRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.84.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-84-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 13:27:52 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 8762 42 B
265 B 55ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-SPLiTlcl5hICA-1u-MakhIYXp1WgwR_aZQYxsQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 8762 0
877 B 33ms
9ms Image
text/html 52.28.59.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-UGNc_1cl5hICA-1u-MakhIYXp1V9Hpn1yX2Gcg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.59.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-59-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 8762 43 B
423 B 539ms
176ms Image
image/gif 52.27.218.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-jPGgsFcl5hICA-1u-MakhIYXp1VEuTNp0nBD0w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.218.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-218-113.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:53 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 8762 0
218 B 460ms
118ms Image
text/plain 64.74.236.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Y7NmbFcl5hICA-1u-MakhIYXp1X5HatQhi8p2Q&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 13:27:53 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 2699311fe9b48f27853496ca5310b119
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8762 0
225 B 48ms
14ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-7ILkAlcl5hICA-1u-MakhIYXp1WZ2vzgo-TOFw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 13:27:51 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 8762 0
35 B 38ms
8ms Image
text/plain 18.194.51.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-EqsCoVcl5hICA-1u-MakhIYXp1XlXdKSRTMKPw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.51.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-51-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 8762 43 B
399 B 328ms
106ms Image
image/gif 2600:1f18:612b:4232:fd61:1a55:4e4a:dab1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-1IC5kVcl5hICA-1u-MakhIYXp1V7BrzTTLAyKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:fd61:1a55:4e4a:dab1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 13 Feb 2024 13:27:53 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 8762 43 B
153 B 92ms
32ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-rmquhVcl5hICA-1u-MakhIYXp1UmcjuEs1uOeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 13:27:52 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 8762 0
235 B 40ms
18ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Ac34CFcl5hICA-1u-MakhIYXp1Uid-KvapGsQQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 13:27:52 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 12 Feb 2024 13:27:52 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 8762 0
38 B 136ms
34ms Image
text/plain 52.49.220.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-43agIVcl5hICA-1u-MakhIYXp1VOdz3KbOpGvA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.220.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-220-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 8762 0
44 B 28ms
6ms Image
text/plain 54.93.131.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-tljkzFcl5hICA-1u-MakhIYXp1Wg1kbFRQTUQQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.131.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-131-135.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
server: awselb/2.0

GET
H2 200 setuid
ib.adnxs.com/ Frame 8762 43 B
1 KB 14ms
14ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-HRZc_lcl5hICA-1u-MakhIYXp1XxPUqYj3Dvhg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:52 GMT
an-x-request-uuid: 355cabca-729b-4e62-bb2d-ca0c1fbeda7d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.166; 185.213.155.166; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
299 B 99ms
98ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.buyhvnsleep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.buyhvnsleep.com
Date: Tue, 13 Feb 2024 13:27:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 8762
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mlapw3rrVm5h6WAzX2Jc3QGNA0Y-GleA

0
44 B

105ms
26ms

Image
text/plain

54.194.187.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mlapw3rrVm5h6WAzX2Jc3QGNA0Y-GleA
Protocol: H2
Server: 54.194.187.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-187-215.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:52 GMT
server: awselb/2.0

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mlapw3rrVm5h6WAzX2Jc3QGNA0Y-GleA
date: Tue, 13 Feb 2024 13:27:51 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 769312
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1371373/log/3/ 0
249 B 23ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1371373/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1707830872256&ver=36&isls=true&src=i&invt=1500&msa=7434&rv=1&tim=1707830873807&vi=1707830872254&ri=d3d20688199622b06dc60afabab16277&ref=null&cv=20240213-6-RELEASE&item-url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: https://www.buyhvnsleep.com
pragma: no-cache
date: Tue, 13 Feb 2024 13:27:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/764471366/ 4 KB
2 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764471366/?random=1707830874816&cv=11&fst=1707830874816&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&hn=www.googleadservices.com&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&userId=4ea47adb469605fbd3a0aed7042b912b&npa=0&pscdl=noapi&auid=858997475.1707830871&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGS7XT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d77964ca853fa760e4a19e9e8efb3e942d8f9ef04396039a051d118fadf01208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1606
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/764471366/ 42 B
108 B 65ms
65ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/764471366/?random=1707830874816&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&userId=4ea47adb469605fbd3a0aed7042b912b&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_rjS5cbchHyP1KhUGMXGuNRN8uPi30W_8yrNcgQOy2xFJAGWK&random=565366328&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/764471366/ 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/764471366/?random=1707830874816&cv=11&fst=1707829200000&bg=ffffff&guid=ON&async=1&gtm=45He4270v77890127za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&frm=0&tiba=Discover%20The%20NEW%20Thermo-Gel%20Mask%20That%2C%20Relieves%20Stress%20And%20Headache%20Pain%20In%20Seconds&userId=4ea47adb469605fbd3a0aed7042b912b&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_rjS5cbchHyP1KhUGMXGuNRN8uPi30W_8yrNcgQOy2xFJAGWK&random=565366328&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1371373/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1371373/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1707830872256&ver=36&isls=true&src=i&invt=3000&msa=7434&rv=1&tim=1707830876808&vi=1707830872254&ri=d3d20688199622b06dc60afabab16277&ref=null&cv=20240213-6-RELEASE&item-url=https%3A%2F%2Fwww.buyhvnsleep.com%2Frelaxationmask%2Fen%2Fpre-1.html%3Frm%3D1%26Affid%3D7214%26s1%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26guid%3D%26utm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3DEmail_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo%26utm_id%3D01HP1ARMVABY867N0D0XV0FZPT%26_kx%3DvmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buyhvnsleep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: https://www.buyhvnsleep.com
pragma: no-cache
date: Tue, 13 Feb 2024 13:27:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buyhvnsleep.com/	1970-01-20 20:33:26	Name: _gcl_au Value: 1.1.858997475.1707830871
www.clarity.ms/	1970-01-21 03:09:26	Name: CLID Value: 88d7602782cc4803a9504ee72a39d77f.20240213.20250212
.buyhvnsleep.com/	1970-01-21 03:09:26	Name: _clck Value: 1ilee95%7C2%7Cfj8%7C0%7C1504
.bing.com/	1970-01-21 03:45:26	Name: MUID Value: 0FAE92A32D386462081C86872C386572
.c.bing.com/	1970-01-20 18:33:55	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:45:26	Name: SRM_B Value: 0FAE92A32D386462081C86872C386572
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:45:26	Name: MUID Value: 0FAE92A32D386462081C86872C386572
.c.clarity.ms/	1970-01-20 18:33:55	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:23:51	Name: ANONCHK Value: 0
.criteo.com/	1970-01-21 03:45:26	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:45:26	Name: uid Value: 6e32084e-8488-45fe-91fd-e15fdae52c72
tags.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id Value: s%3A0-ccab654c-28a0-5f8d-57dc-6f0903a7a810.C2dRO2xMvLyCExnB5Nc%2BJ4Icsg5poloolTUoGX0NHdg
.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id Value: s%3A0-ccab654c-28a0-5f8d-57dc-6f0903a7a810.C2dRO2xMvLyCExnB5Nc%2BJ4Icsg5poloolTUoGX0NHdg
tags.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id-v2 Value: s%3AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%2BO98
.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id-v2 Value: s%3AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%2BO98
tags.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id-v3 Value: s%3AAQAKIGgMcpJ3_M-DDlkKRDKdUaJpmVjXdUXPx_Z22sQsWzKiEHwYBCDX3K2uBjABOgRZmQvUQgS2dVdj.pmphufI90z9Y62JPWggiJrfyjk3Jcf1R6tarmrsZl%2Bk
.srv.stackadapt.com/	1970-01-21 03:09:26	Name: sa-user-id-v3 Value: s%3AAQAKIGgMcpJ3_M-DDlkKRDKdUaJpmVjXdUXPx_Z22sQsWzKiEHwYBCDX3K2uBjABOgRZmQvUQgS2dVdj.pmphufI90z9Y62JPWggiJrfyjk3Jcf1R6tarmrsZl%2Bk
www.buyhvnsleep.com/	1970-01-21 03:09:26	Name: sa-user-id Value: s%253A0-ccab654c-28a0-5f8d-57dc-6f0903a7a810.C2dRO2xMvLyCExnB5Nc%252BJ4Icsg5poloolTUoGX0NHdg
www.buyhvnsleep.com/	1970-01-21 03:09:26	Name: sa-user-id-v2 Value: s%253AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%252BO98
www.buyhvnsleep.com/	1970-01-21 03:09:26	Name: sa-user-id-v3 Value: s%253AAQAKIGgMcpJ3_M-DDlkKRDKdUaJpmVjXdUXPx_Z22sQsWzKiEHwYBCDX3K2uBjABOgRZmQvUQgS2dVdj.pmphufI90z9Y62JPWggiJrfyjk3Jcf1R6tarmrsZl%252Bk
.buyhvnsleep.com/	1970-01-21 03:53:14	Name: cto_bundle Value: 29TVtV9QMmJyTmc0UjdQTVZlOXolMkJoa1ppWGlpUXM2SFlMOUwzb2R5a1ZWWDNWMGQlMkIxWTg2cmIxTG1oZnd4U0VIdm5lWTlCUGZiNTZFTGN5JTJCNGxnQWNCQmJsS3FlNDhkR3dDVU1kOUJGc1FqN1ljNjJwWjlXVFJMTkhsSkslMkI4dXlMd1klMkZrMGd0NE9LMVJQMDNodDBVZG8lMkJrVWclM0QlM0Q
.buyhvnsleep.com/	1970-01-20 18:25:17	Name: _gid Value: GA1.2.2144960117.1707830872
.buyhvnsleep.com/	1970-01-20 18:25:17	Name: _clsk Value: xweu8f%7C1707830872078%7C1%7C1%7Ce.clarity.ms%2Fcollect
.buyhvnsleep.com/	1970-01-20 18:23:50	Name: _gat_UA-100889423-8 Value: 1
.buyhvnsleep.com/	1970-01-20 18:23:50	Name: _gat_gtag_UA_100889423_8 Value: 1
www.buyhvnsleep.com/	1970-01-21 03:59:50	Name: d_ctr_cid Value: 4ea47adb469605fbd3a0aed7042b912b
www.buyhvnsleep.com/	1970-01-20 18:23:52	Name: d_ctr_sid65850047c02c7010c09fc3e9 Value: 65850047c02c7010c09fc3e9.1707830872223.996850052
.buyhvnsleep.com/	1970-01-21 03:59:50	Name: _ga_ZHDG36RZV6 Value: GS1.1.1707830872.1.0.1707830872.60.0.0
.buyhvnsleep.com/	1970-01-21 03:59:50	Name: _ga_C62KZYZV02 Value: GS1.1.1707830872.1.0.1707830872.60.0.0
.buyhvnsleep.com/	1970-01-21 03:59:50	Name: _ga_L0G2DZB0WQ Value: GS1.1.1707830872.1.0.1707830872.60.0.0
.buyhvnsleep.com/	1970-01-21 03:59:50	Name: _ga Value: GA1.1.38488506.1707830872
.buyhvnsleep.com/	1970-01-20 18:25:17	Name: _uetsid Value: b04dd6d0ca7311ee94f46b8861bccbad
.buyhvnsleep.com/	1970-01-21 03:45:26	Name: _uetvid Value: b04dd2f0ca7311ee86dcef7a070e13dc
www.buyhvnsleep.com/	1970-01-20 18:23:51	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1707830872313%7D
.bing.com/	1970-01-21 03:45:26	Name: MSPTC Value: 1d0pmEAq4mtjFSWpjqFGvbtMfEU2qv8-S9BjxKvnVIA
.ctrwow-prod-analytics-socketserver.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f876f0251de5bb35a4b27562621fb78ceed6c3d9d576d6bfdf05ba1f561a3569
.adnxs.com/	1970-01-20 20:33:26	Name: XANDR_PANID Value: wdFhg98xu_5M4b2O5kv_SKwBar3Tuq_08r1TBU0UgKSFeEuzHK2qi8cppxg1q_Ls6Fn07wjIR6kTr9Mef6-5eTmKnVX33TmlFAhms277Aug.
.adnxs.com/	1970-01-21 03:59:50	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:33:26	Name: uuid2 Value: 6934748767707941749
.media.net/	1970-01-21 03:09:26	Name: visitor-id Value: 3508324728397464000V10
.media.net/	1970-01-20 19:07:02	Name: data-c-ts Value: 1707830872
.media.net/	1970-01-20 19:07:02	Name: data-c Value: k-VQ7QFVcl5hICA-1u-MakhIYXp1V21MU9ZjIOtA~~3
.adnxs.com/	1970-01-20 20:33:26	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GTspRyBs!]tbPl@/D!9hy6]/CwgI0s:8D0XX7dui>=k@E9.5diH64K^bC3ZXf9_sS<^kZP/HC2[ds`LqLobpRzqF1`bc.@+h%K9
.casalemedia.com/	1970-01-21 03:09:26	Name: CMID Value: ZctuWLmqPDsAAAXMAHIUGwAA
.casalemedia.com/	1970-01-20 20:33:26	Name: CMPS Value: 1128
.casalemedia.com/	1970-01-20 20:33:26	Name: CMPRO Value: 1128
.demdex.net/	1970-01-20 22:43:02	Name: demdex Value: 41569234334504226893184348726598500647
.omnitagjs.com/	1970-01-20 19:07:02	Name: ayl_visitor Value: d988210629a903b2a52d92090e048fff
.doubleclick.net/	1970-01-21 03:45:26	Name: IDE Value: AHWqTUk6otMvqIel-UJawNjhZfHqHu8GxjanouGtXRXypTZpqOGTGQ441eg53kq5uDw
exchange.mediavine.com/	1970-01-20 18:44:00	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b09c09d0-ca73-11ee-92b8-4fe525c46022%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:44:00	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b09c09d0-ca73-11ee-92b8-4fe525c46022%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:44:00	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b09c09d0-ca73-11ee-92b8-4fe525c46022%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:44:00	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b09c09d0-ca73-11ee-92b8-4fe525c46022%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:44:00	Name: criteo Value: %7B%22id%22%3A%22k-UGNc_1cl5hICA-1u-MakhIYXp1V9Hpn1yX2Gcg%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 22:43:02	Name: dpm Value: 41569234334504226893184348726598500647
.tremorhub.com/	1970-01-21 03:09:47	Name: tvid Value: 84aaba1c305248099bbb3118cdb60bfb
.tremorhub.com/	1970-01-20 19:07:02	Name: tv_UICR Value: k-1IC5kVcl5hICA-1u-MakhIYXp1V7BrzTTLAyKw
.postrelease.com/	1970-01-21 03:09:26	Name: opt_out Value: 1

93 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: data:image/svg+xml;base64 Message: Failed to load resource: net::ERR_INVALID_URL
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s3-us-west-2.amazonaws.com/jsstore/a/V3VHJQZ/ge.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.buyhvnsleep.com/relaxationmask/en/pre-1.html?rm=1&Affid=7214&s1=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&guid=&utm_source=Klaviyo&utm_medium=campaign&utm_campaign=Email_HVNSleepMask_EN_7214_Internal_DFOGPC_GPC_OTS_2024Feb12_Klaviyo&utm_id=01HP1ARMVABY867N0D0XV0FZPT&_kx=vmGqQ_VpIDVZVODrjuUoIM52kPrSs_az0f2LQZZPDoo.TufT7Q Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ctrwow-commonstorage.azureedge.net
ctrwow-prod-fingerprint-microservice.azurewebsites.net
ctrwow-prod-heatmapapi-microservice.azurewebsites.net
d.adroll.com
d16hdrba6dusey.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e.clarity.ms
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
js-tag.zemanta.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
p1.zemanta.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.adroll.com
s3-us-west-2.amazonaws.com
salessupport.tryemanagecrm.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.srv.stackadapt.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trk.klclick2.com
truncated
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.buyhvnsleep.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
truncated
13.248.245.213
141.226.228.48
142.250.186.66
151.101.129.44
162.19.138.116
172.64.151.101
178.250.1.9
18.194.51.83
184.30.20.22
185.255.84.152
185.89.211.84
198.47.127.205
2.16.97.41
20.62.48.180
2001:4860:4802:34::36
23.35.237.75
23.35.237.86
23.48.23.67
2600:1f18:612b:4232:fd61:1a55:4e4a:dab1
2600:9000:2057:6a00:18:d154:1680:21
2600:9000:2251:a800:15:1199:2d80:93a1
2600:9000:2359:a800:10:781f:db40:93a1
2600:9000:2644:9400:6:9280:1080:93a1
2606:4700:10::6816:72d
2620:1ec:46::60
2620:1ec:bdf::62
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:3::e
2a05:d018:cc3:fe05:4950:969e:f5eb:f7a7
34.117.157.22
35.157.153.226
35.214.149.91
37.157.6.233
40.64.128.231
52.183.82.125
52.218.235.88
52.27.218.113
52.28.59.154
52.49.220.129
54.194.187.215
54.74.195.22
54.93.131.135
63.33.84.84
64.74.236.223
68.219.88.97
69.173.144.138
74.119.119.150
81.17.55.173
85.215.5.31
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b5986a28359128b09103bf9d41275a864ca6dd73e5e61845bc628c9228ec17
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b7470ef645892e80c56a879d68ed092aa6b39ea4c32e8b1fa31e1ef9f357cac
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
12626da943592f914a8061b29603f39f6f8d6e6eda5d1b4d8fc44ddd6342fe3e
18d72a03c1531923968255be87a639a46e89b84e1cb86051dbf74939b954c3c4
19ad4c8c98a1f908eba99a6cfa03a542c5092d84c967782857532fcfb18be5de
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e4b76c9cfe5991a9306599b42781fed27904951bc8ec1c080740b44b33eda4f
1ed38573be07ce34577aa012b351dcb5eb834d3d6da0ec9a3b468f8be2f96118
1f12e17925a6daaa696e3bc3b63149e46dc8945a0adfe9614c53954328d72a2c
1fa7c9d4bf82e27db8fedc6aca9626db45378330343fae98e03f3a417dc082b6
26a358d5c121671b6eaaec4807b0c84420d80dc524ee5909d9e9d143f0733be4
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
27a340dfd1cde40899f76b2d09c199b7a4ed43ec71f054fdd00cfb3d6bfe99a9
2dc71b8200be4d9d60ed54514e1d8da3238cce592b409937dbffeae164667505
30ad0a82b031eccca3e41c314eca3b74b4d474ff529764fa1ac9334a46d12cb0
3178cccfc4bf1f0b0aa129a97af37f2f993dd171c10e26361c0072df46085cf8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bdd08725f282ec018eecc6b3c9946eda47ea30a822de54abb7482160c992c2
33c7bdfeefe71f962fe908ae1465ca8c0f09f96b61d7fcd1a7997bcc958b7c1b
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b
3e21d134e89de1d7a4192a0e7f89bae823e3a5bcac0ed974996413717c16b173
41ef8bb96859ff16dee893b96baac265a68f02700db7bd817169e97373f17d8d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a0ff6e2202ad6c8d5b36900606fdb2be0c83709039b6f4d066704c8f7c5b0f
496ad16213f26d020b2ff8c34ec5da65e78dd96f2be6e1199f65409c041c8cd3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2b8c763e657fed0d9b2c65f1e4f17ccca3744d4d0a4e6aae54752c69254e23
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5329a0c48b6125dc3f078560db807f674494a9535c371a4d558c992662f066e0
54254406349001f2ee37097f1eb0b48030bf579ab55f1bbb320f46d983cb2ab9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
59e52718d1812ef0c9afa1cb3662c1faeff9f4275109b0835b54574fab42a3a6
5d7215e66f358f719c5d4f2672e933cdd6a56e915ad75cc51b9897392ab8a863
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
60069ed58329b14df22602af8d7838a66a19567ccbacd15923651bcc90d99eb0
603921daa8429050a65d44dd4917f9f989591483b32b886027c0aff629995cda
6993ed88be412edbc0a5171db01e19687dd091d389ebc108ae31955b6b718758
6ab66c735764efb78972b6f291bf809fe2cbea9e24a1100260deffef95f6a658
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
6fc4486a75e83ce4f62672ba1834ec875000253af2b5b35f4acb8e8176bdcec7
6fd619e6856513a7bc58ef35857636383c1370748c891fa9bf9cc92e9868803a
7042d0a2fcc93a0c5122960d8edcc0c43f6b18ea40a48012b9e3943e99549c90
77e0f499e9c7ac8ec5bcb8b54c4a50e71af8cf78223b542313f36f68559d9cc9
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
82d0f8800a0fbb5b58b7fbc7cf496e92f456699ede2c89015c3eab1ab05a0425
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870281d0ff0d7e95ac21f5926db670dc20228fd775b44b6965ac5406b1c588d5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a138db0bf838772a4018f8e5a312df76fbe565eb356a34953a88c66220949c6
8a34fefeaacfe1f612d64877d8b9cf5298c1096f90e25d3641ee99eb774200ad
8bcf4b90aabfc6e5ceb608ffef92a079b00a0eb97e0ee5b5313087fe2e9129ef
8fa554aa85c3b2abb063f9aa1dd2c6a3473b8461cd7726f4665a9561d468fa3c
984b5e7a0e02fd168d34f4d8a0792a613ec8f5213c079f8f57308e035d08a1e6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c34c8e6b8eca5e0232001eeb9e02616d472f7b80c9453bfa3860b642b6b5224
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3ef497a627dea93c9106c7abb8946a218dca4d5fde39adedcdcee0733661f90
a5e2573d899dae45986c63bf1f8aa164ad2eeb2737ab84dae1999e777d3859c8
a6c19f81e220e9a923b2b70ccbd4a0d9c87ca67d7f49afb966995cb9658d3cfc
a7c57ef03bd48938d9d44c242c7031b02aca8a598db266d61d805eb92bc246f7
a97726c589e5815717fc54cdcb1dba2efeceb33bf6f414251ce9dc28211df7c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba0cbd39549226ac049eb60113c7764d6b30440405f8af452080e4f26d7f4b9f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
beb4a29e6a1f836bb4d511a80e8cdc6f7c2f939b68f5cdd8b4cab8d7762fc518
c8b141b9730b7cfd7c6f95b563d1fed9fa06132a3ca350b17addfb9d44d96280
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d03c7683e6ded6eaf655e0ab858322a94ddcc9178d9144b7189d073b782242c9
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d177012c8305d48959aa5474d93fee2ebe172da133fa6a99c74c10252933b076
d4c4305efb932e6cab1cc3dface7a57ebfea397bf4c18e16b2ded8bd49edf0e2
d77964ca853fa760e4a19e9e8efb3e942d8f9ef04396039a051d118fadf01208
da8b5e5363d5097920f436e0997a4b77f46addefec95bb579e7e59d125f4621d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfcc499c4bb615325acd59819ea683a741c12153f8ec906cd79ee9b772b94b91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62befaed82e1652ec89f6249cfae388dcb46ec06d73639330856ad414b8f6c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb78729ca9be439d0424ac1f9295fd573ed36a292982959bb743b26894512a21
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.buyhvnsleep.com Open in urlscan Pro 2600:9000:2359:a800:10:781f:db40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

95 %HTTPS

36 %IPv6

48 Domains

68 Subdomains

57 IPs

7 Countries

17244 kBTransfer

19476 kBSize

59 Cookies

3 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buyhvnsleep.com Open in urlscan Pro
2600:9000:2359:a800:10:781f:db40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

95 %
HTTPS

36 %
IPv6

48
Domains

68
Subdomains

57
IPs

7
Countries

17244 kB
Transfer

19476 kB
Size

59
Cookies

149 HTTP transactions
6 data transactions