get.underweark.com Open in urlscan Pro
2606:4700:3035::6815:14d7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nmg.soundestlink.com/link/656f17cb1958b1153e6abb22/656e8c88aa4c95a4c8a23ebb/64e031c67c1e7231d35ca1b9?signature=da1df8...
Effective URL:
https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A...
Submission: On December 05 via manual (December 5th 2023, 1:41:51 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3035::6815:14d7, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.underweark.com.
TLS certificate: Issued by GTS CA 1P5 on October 27th 2023. Valid for: 3 months.

This is the only time get.underweark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:914e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3035::6815:14d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
16	2600:9000:225... 2600:9000:225e:1e00:1a:f135:a7c0:21	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2.19.85.55 2.19.85.55	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.19.120.27 2.19.120.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
11	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
110	17

1 2606:4700:4400::ac40:914e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nmg.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:14d7 (United States)

ASN13335 (CLOUDFLARENET, US)

get.underweark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:225e:1e00:1a:f135:a7c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1y4tm6t3pzfj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.85.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-55.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.120.27 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-27.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cloudfront.net d1y4tm6t3pzfj.cloudfront.net	4 MB
13	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	930 KB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	354 B
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	405 KB
9	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	737 B
8	google.de www.google.de — Cisco Umbrella Rank: 6765	937 B
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	42 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 t.clarity.ms — Cisco Umbrella Rank: 7201 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
7	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2795 tr.outbrain.com — Cisco Umbrella Rank: 2619 wave.outbrain.com — Cisco Umbrella Rank: 2771	10 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	146 KB
5	underweark.com get.underweark.com	96 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	16 KB
1	soundestlink.com 1 redirects nmg.soundestlink.com	311 B
110	14

	Domain	Requested by
16	d1y4tm6t3pzfj.cloudfront.net	get.underweark.com
13	www.googletagmanager.com	get.underweark.com www.googletagmanager.com
11	www.facebook.com	get.underweark.com
11	connect.facebook.net	get.underweark.com connect.facebook.net
9	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
8	www.google.de	get.underweark.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	analytics.tiktok.com	get.underweark.com analytics.tiktok.com
5	get.underweark.com	get.underweark.com
4	www.google.com	get.underweark.com
4	region1.analytics.google.com	www.googletagmanager.com
3	t.clarity.ms	www.clarity.ms
3	wave.outbrain.com	amplify.outbrain.com
3	tr.outbrain.com	amplify.outbrain.com
3	bat.bing.com	get.underweark.com bat.bing.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	amplify.outbrain.com	get.underweark.com
1	nmg.soundestlink.com	1 redirects
110	21

This site contains no links.

Subject Issuer	Validity	Valid
underweark.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Frame ID: F2FD77490D5BD68FD1C358D385330D68
Requests: 110 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Be Careful of Tight Shoes! Millions Are Snapping up These Wide Toe Box Sneakers！

Page URL History Show full URLs

https://nmg.soundestlink.com/link/656f17cb1958b1153e6abb22/656e8c88aa4c95a4c8a23ebb/64e031c67c1e7231d35ca... HTTP 302
https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

110
Requests

99 %
HTTPS

72 %
IPv6

14
Domains

21
Subdomains

17
IPs

4
Countries

5761 kB
Transfer

9191 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nmg.soundestlink.com/link/656f17cb1958b1153e6abb22/656e8c88aa4c95a4c8a23ebb/64e031c67c1e7231d35ca1b9?signature=da1df81971b27da846784fa3787df4cf84a82a1cc19a9bb4145cc81bf47fa270 HTTP 302
https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&RedC=c.clarity.ms&MXFR=3D57A6AFDE546CF4315BB571DA546262 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&MUID=3C45002961B968430BDE13F7603269FC

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view1659 Show response
get.underweark.com/me/new/Zekear/Shoes/
Redirect Chain

https://nmg.soundestlink.com/link/656f17cb1958b1153e6abb22/656e8c88aa4c95a4c8a23ebb/64e031c67c1e7231d35ca1b9?signature=da1df81971b27da846784fa3787df4cf84a82a1cc19a9bb4145cc81bf47fa270
https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend

41 KB
11 KB

736ms
676ms

Document
text/html

2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24
Resource Hash: 31dbad4717ea18d9b4a3d9a96eda42807563b89e1b5be48166e8f1d44a2aa2ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 830cb5565ae05c50-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 13:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BNyH0y%2FTfF4snvaVJe9pzA7taE7y4zQoeRT%2BMPCVmh6GPzw5GuWR3Saa6o1nTkH4ybRovAjkMDnYSup%2BoxX630NTo%2BgaibvI4%2FQq4Tjq7MNLr5ZrMXE4raRwjTsZgxWw6BLOb0EpkTJG9gFHaiTdRA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 830cb554b9f4906c-FRA
content-length: 0
date: Tue, 05 Dec 2023 13:41:43 GMT
location: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
server: cloudflare
strict-transport-security: max-age=15552000
via: 1.1 google
x-envoy-upstream-service-time: 6

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 54ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11863764

Requested by

Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17851dcc7dd13599a831f93a6357df2725c412a601fdfa2fafa051f5c712045d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67462
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
63 KB 61ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc0796a68bf8ffc9ee01d472ae117bdc1a23d7010d34a6a9228e796f5d9b9942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64885
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:44 GMT

GET
H2 200 common.js Show response
get.underweark.com/js/ 2 KB
1 KB 653ms
647ms Script
application/javascript 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/js/common.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602a79c657d146bc1d484084b526896be318700840633658a0af895660585978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 04:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b18170-8b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sC0NMT3k%2FwUlcPdVsV8JUkDnF0z1nfeqZQiZaJwkJH%2Bv9HWw8cxUbcuOsIyd7%2B7ZqSNMznW9gt3%2FDOxppJefbofRxtSYrtZsenMTTbxZ%2FshX2zE6qWosPGbgZu9taNU967S0LZ%2B%2BhQYVVpPdE9GVPSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 830cb55abf415c50-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 01:41:45 GMT

GET
H2 200 font-awesome.min.css
get.underweark.com/css/ 30 KB
7 KB 654ms
650ms Stylesheet
text/css 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/css/font-awesome.min.css
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-7929"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3bWb6a2%2B6Wd2P9YjoX53WO8VEX6cfsroybdDzQGu0VmWZ8OXjgbAwPZWtjEYIRXHLo%2BO16wgdj4VYNkLY6dEt5l%2BQdQg2NFmr9JE%2FTP7dR9Dk8uCmTy4v%2B5wlqDSzdJMJ6Q1BSKXiMedsCj13m58QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 830cb55abf3f5c50-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 01:41:45 GMT

GET
H2 200 1655787184_RWCZPK%7B1GA9%5B%60O3CJ%606%7D%25%7B7.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 24 KB
24 KB 50ms
9ms Image
image/png 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787184_RWCZPK%7B1GA9%5B%60O3CJ%606%7D%25%7B7.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d13618ae23b6092aacbb993641b84df3da2d8d0c91286ea1d79622b3faf4979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:46:25 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:53:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 31559
etag: "67f4ad6b021981eac3bb269229e8d370"
x-amz-meta-width: 124
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 120
accept-ranges: bytes
content-length: 24212
x-amz-cf-id: 02BTd4gqwigX18J3fmgwAmggRWbNcgCAQOeHPab-mepzwgHEA95Jmw==

GET
H2 200 1657787174_0714-KN-03.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
60 KB 54ms
14ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787174_0714-KN-03.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c138db1d21a230313f48b05de382efbc504fe941d57f992bdd8533e81b6d500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:18 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81926
etag: "ede26d8bae820a188834c1d4eaef99e7"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 60528
x-amz-cf-id: Dlj4OJPp2_8-_z9OR_9qS1cCnJOSAHwhLQl7xOCrHw4eSRrQQm738Q==

GET
H2 200 1660537988_1657623729_2.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 1 MB
1 MB 11ms
11ms Image
image/gif 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1660537988_1657623729_2.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 113af6e44c1cdce0562094dbd246be8203975fe4408425d3797e367fd5ff469b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:48:46 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 04:33:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3179
etag: "a9c4c6437c68309083aed99c7fcc66ae"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 1363313
x-amz-cf-id: Pcj7KtoOptLP13JRjPfdVmPGnWNdSSSxBFSClzX3gB3qFjQTN97NLA==

GET
H2 200 1657617922_0712-KN-01.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 20 KB
20 KB 26ms
25ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657617922_0712-KN-01.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c90a8ce5a38f7eeeefec4fd600b5fe74a970bf4a2f667eb9a97ff4d6e2218b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:18 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jul 2022 09:25:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81926
etag: "96587c5a9dc14cc9afff1ce7daf07230"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 20508
x-amz-cf-id: c3baViqa2TDABDXMrl209x5pO_s02ipDYvSIL4lLIcITEKysZeoSuw==

GET
H2 200 1657787185_0714-KN-02.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 78 KB
78 KB 9ms
8ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787185_0714-KN-02.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89cddaea647f633e274d1ac23b48cd7f797b5c2caba8ae0b2a727bb32eb5f7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:18 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81926
etag: "dc8ff66427c056c99433922c04751127"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 79772
x-amz-cf-id: hzgJw9vNpRgNPsYALJqN_aotWsbf6ZJ55jFOE5g-Ml3o6_aZohr8Ew==

GET
H2 200 1657787192_0714-KN-04.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 49 KB
50 KB 27ms
11ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787192_0714-KN-04.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89696acb6a83d45df78fa0d802a6501d25e300838c39250113e638b81a9dff70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:19 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81927
etag: "acd097274811b216df7c3781d24ccd8c"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 50422
x-amz-cf-id: q-5VZ10fICkOcl7FwnWCmVL33_6ekaGpHahO8onxKtHuCogHMbFW7g==

GET
H2 200 1657787201_0714-KN-04.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 828 KB
829 KB 33ms
18ms Image
image/gif 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787201_0714-KN-04.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d78c04018b61b681beb00d9cb54b099bdcef08cb81e2c9eec84d1ec1a8566f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:19 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81927
etag: "e3bb39a501ae9059ca08b457d8429355"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 847362
x-amz-cf-id: d9UYtnzGQYcDviJKp2D4Ite2HYjo1sap-czAJkHJkBgdvZfzQH8DCg==

GET
H2 200 1657787212_0714-KN-05.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 881 KB
882 KB 27ms
12ms Image
image/gif 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787212_0714-KN-05.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd0dac9fa7bbe50935b6c9f84e6c609e62e408c776a1d3831d6d718d81bc3db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:48:46 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3180
etag: "148792b1e19adaff3a38cacf61d55c51"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 902199
x-amz-cf-id: X9AJ6O1aFPdtKCr9McxTFOI9vOG1OuVXLMhQk0DBxdZqVU7W5zrLng==

GET
H2 200 1657787224_0714-KN-01.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 71 KB
72 KB 31ms
17ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787224_0714-KN-01.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97c1f181dc969b04f7ea79b23d980c76764b424bd176480bee0c25223082229a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:48:46 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:27:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3180
etag: "487058d941424a2928f74961db3d2d49"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 72796
x-amz-cf-id: vq7MAhGPH7CTJl3L4vE9-WN3mHHYB0jibvE53gwwm9VnR_BIda_Oig==

GET
H2 200 1655787337_%7DH%2880985%40KA6A%29%7DAO8_N3SH.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
59 KB 36ms
23ms Image
image/png 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787337_%7DH%2880985%40KA6A%29%7DAO8_N3SH.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e985bbf32dd33d9c9c659bd195dd36b7f3004441e713d0d48e6dc225f4d0a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:21:35 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:55:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2389
etag: "e6d2d91c6dfbbb25fa28bdc7fa09471a"
x-amz-meta-width: 268
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 60245
x-amz-cf-id: O9LZkwn10V2-fbWH9Uyam_BswRNlaCPUolRTCjcRU4VTtP7tI5TTDQ==

GET
H2 200 1655787359_NYX2_5%7DDO1%5BPE%40S834FSPJT.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
59 KB 42ms
31ms Image
image/png 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787359_NYX2_5%7DDO1%5BPE%40S834FSPJT.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 415a387651469a1111375f0d66ebfd399fec3377c42f30f7daad6723904dfc35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:32:22 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:56:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72564
etag: "fc6994c3b84e1fc5bf6f7143ad464818"
x-amz-meta-width: 268
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 60084
x-amz-cf-id: 1k_qtbaojNSgsZiu-BSHthhTlt0kjODtKRBKkKbOs0IscQ0wKlAoYA==

GET
H2 200 1655787383_SD~WC56A%7D50KH%25PWNF~%29UTE.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 63 KB
64 KB 35ms
25ms Image
image/png 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787383_SD~WC56A%7D50KH%25PWNF~%29UTE.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e66835236955f7011c82074aeeff7f88ebad593d021e022415bd66f76ea85189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:21:36 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:56:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1210
etag: "78023b313ba56f94357c8ed40296883d"
x-amz-meta-width: 268
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 65000
x-amz-cf-id: qtSzhQOwXqPox_PRl2syWjvPsBjK5AbMTp-Pc86FGwb1VNPridqjRQ==

GET
H2 200 1655787303_6.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 290 KB
291 KB 36ms
27ms Image
image/jpeg 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787303_6.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82335add5269929fc3c0fb260691f0316c40d35c87dceda5b6db352a78b453e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:32:22 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:55:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72564
etag: "bb57eeff88bef8d74a2469ace5257413"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 296882
x-amz-cf-id: k2W40lBqJl412IUD2jl0CVC-iHFEvx_-HNf-GIAPOnjw1RZY3ofonQ==

GET
H2 200 1657787166_0714-KN-06.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 130 KB
130 KB 39ms
31ms Image
image/gif 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787166_0714-KN-06.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:48:46 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3180
etag: "0f706303b82b1f24ed7db9433ac31dc4"
x-amz-meta-width: 480
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 480
accept-ranges: bytes
content-length: 133100
x-amz-cf-id: s4Rh_-Q1vqi8tMinXZsVmQJ9A-E6upr_r4PkrlKne4eYhNmzdEi2XQ==

GET
H2 200 1655799144_YVKJK_HO%7BJGKPT%7D~%7BZO%247A7.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 5 KB
5 KB 38ms
31ms Image
image/png 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655799144_YVKJK_HO%7BJGKPT%7D~%7BZO%247A7.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 605ba7e9f2665e354649a736c35524901a5b5a2238e87298cedcd5727ee996ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:47:35 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:12:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 32051
etag: "daf58768b211e6bd8da37945f66b62d8"
x-amz-meta-width: 158
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-height: 159
accept-ranges: bytes
content-length: 5199
x-amz-cf-id: gbUsLwbHSV0CfI40bulGQqX0qaEmWU1mcEVyxpmZNSrG2vRtXOQmRw==

GET
H2 200 1657787266_0714-KN-06.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 130 KB
130 KB 38ms
31ms Image
image/gif 2600:9000:225e:1e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787266_0714-KN-06.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:56:18 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:27:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81927
etag: "0f706303b82b1f24ed7db9433ac31dc4"
x-amz-meta-width: 480
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 480
accept-ranges: bytes
content-length: 133100
x-amz-cf-id: pCQUaFKcUaYEmW4_zFMMH7lE_Ym_MA-Gxz41h6UkZZtpGo0GVR2B6g==

GET
H3 200 smb-scroll.js Show response
get.underweark.com/js/ 949 B
851 B 609ms
608ms Script
application/javascript 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/js/smb-scroll.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dbf039fb5bad9aecf243aac15ab8899b5306a5ae5d1a168e1086ac2aa00cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-3b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMZPXP3jLXMVvsZdd0mkYCYwSMYsDMLkPHLoTmWALKDmq3ZOWvm0fA6ILzeW3N3vYNiINXMbujblnoprmvHY%2BIvx4eSuwtbOeHwIUKiORCI9CiMcr5rx4Wz0SJWOWRSbGJ28cFryxk0tBYnIR4a0%2FDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 830cb55b4c48f18f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 01:41:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
60 KB 33ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a69641384d42951fe8853a0db6316e4b09b64664fc25de919d6c996f02fdd8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61794
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 31ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-13&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11863764

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21e4b3c8bdc973a3cb6ebc4811721e9a240dd185f18395a32595f03569a7ba72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64917
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 12:31:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4209
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 14:31:36 GMT

GET
H3 200 fontawesome-webfont.woff2
get.underweark.com/font/ 75 KB
76 KB 888ms
887ms Font
font/woff2 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/font/fontawesome-webfont.woff2
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://get.underweark.com/css/font-awesome.min.css
Origin: https://get.underweark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:46 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLVAJqoz%2BTG2VFBSD%2FYt6%2FARYyCmXluJKmmlyoav7dqtrUZNC%2BXmCuCcvTaNpCFcTeCauA8xK22XKBtNeg54QvAhVYxn9e%2F63%2BFrTsBReyEUgVlBqHCOh1eBvCtAi0VnCz5DwFQHZF3HyB2moPeIGOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 830cb55f29faf18f-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158751611-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ae5dd2a553f9526989415b58954481fd5a424c71d6b6ccf419f3bd725fe885f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68908
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
55 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: mkSn1cpdvNlTHGDC/XLlK3o8UsW2/r4Pc3Zx8hy0/u91V+YG2Vc+9AccNb/H/lEy0XLpjPp2erZ3STAdAWaQWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0b70d95f168e9a99f22d2c9085a8c66be5e5f851828b0e3a097d87dd9918114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68911
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 58ms
11ms Script
application/x-javascript 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9af81eb9abc896884c3bab25d37d1c26548c23ea2541aa10a4871d4b88003941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Dec 2023 11:43:27 GMT
Server: AkamaiNetStorage
ETag: "beb0933389ac2f143c9d95dc0b432a51:1701604628.910943"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7738
Expires: Tue, 05 Dec 2023 14:01:45 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 147ms
100ms Script
application/javascript 2.19.120.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8TARN0O6OK0DA72RBU0&lib=ttq
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?omnisendContactID=64e031c67c1e7231d35ca1b9&utm_campaign=campaign%3A+1205+%28656e8bca0b5790e08f4a53dd%29&utm_medium=email&utm_source=omnisend
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 121204573e328dabf3df103b30ff6bf432a455c63d57f04e218acad748ab824a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 1c93a422.e1496683
date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231205134145F1A832509FF803A09287-586F77941211B346-00
x-cache: TCP_MISS from a2-19-119-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 87,2.19.119.27
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20231205134145F1A832509FF803A09287
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.68
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c210b84a13a12433aaff5baf21109c1f390fc2abdab66db2c5a3ddc1c3048c2f8addf15624b69f5f2718455e372ecf9d2c90fb36bba2603ac5072f01d2d11283a74a2a028b3fd700876ecca2ce91effef40f777ab8e1e49dc0df2fc953a34594a285
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

527af11e61daa3e3d62430ecff57c6177c427d571710864246b4bf3d6199ebb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68911
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3502546d7259608617e3f1840b44160b322b305e1697fef265f4dd22ec91729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68913
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
81 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3HXTHTNK1P

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72bde33802b83dd7a05532cdf9a1951b3d4e2757d8997256199d8da39dd5bba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:41:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 55ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 05 Dec 2023 13:41:45 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5ABCF93FB2F648BE99C63831C6B87339 Ref B: FRA31EDGE0212 Ref C: 2023-12-05T13:41:45Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1027423147&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=80634289&gjid=1698667705&cid=62482574.1701783706&tid=UA-103606589-13&_gid=1795375544.1701783706&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2029287157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 55ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-103606589-13&cid=62482574.1701783706&jid=80634289&gjid=1698667705&_gid=1795375544.1701783706&_u=YEBAAUAAAAAAACAAI~&z=1544828539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DSJX8HM25C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158751611-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55d0490c769faccc052efe705ab252e4343c87e3c633fee48e84ee4f619ad633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:41:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1027423147&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=2036926368&gjid=65756963&cid=62482574.1701783706&tid=UA-158751611-2&_gid=1795375544.1701783706&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=254518380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158751611-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 12:31:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4209
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 14:31:36 GMT

GET
H2 200 3362388593882789 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 75ms
75ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3362388593882789?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14c46e8330d44fe73dcd3dad90b86eefedbd9d61257e0728bf0f9ff5fe80f0c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: inKevJHajJy9BkhTHKd50A9sYKaqZEbcZw6sfP1Fp7cySQweEOtcGlGPvyjCSm0HXjzXicVsg/j5FwusSVUHLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
83 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-141CS4V595&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca55f11ba4a95f15283e2ce5ae53a1fec88f8f783f8ef1dfc5c7d467e7ef673e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:41:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1027423147&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1542925025&gjid=1242075838&cid=62482574.1701783706&tid=UA-103606589-7&_gid=1795375544.1701783706&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1835008865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
82 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WTKMF044CT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18616cf7be89a43a9d876817bc7d05a5f11e4658dc645c78d5d55eefccb9daa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:41:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1027423147&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1458771791&gjid=2103536143&cid=62482574.1701783706&tid=UA-103606589-8&_gid=1795375544.1701783706&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1301254499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Z9QZH114R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6be89949acf77484fc0ec75d82cc7b371fae352a4551cca8f7154d19e1a8512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:41:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1027423147&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1602181260&gjid=1660598621&cid=62482574.1701783706&tid=UA-103606589-2&_gid=1795375544.1701783706&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=236187710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 39ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3HXTHTNK1P&gtm=45je3bt0v9117897770&_p=1701783704788&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=62482574.1701783706&ul=en-us&sr=undefinedxundefined&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701783705&sct=1&seg=0&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1972
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HXTHTNK1P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HXTHTNK1P&cid=62482574.1701783706&gtm=45je3bt0v9117897770&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HXTHTNK1P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 58ms
34ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HXTHTNK1P&cid=62482574.1701783706&gtm=45je3bt0v9117897770&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=262006145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-158751611-2&cid=62482574.1701783706&jid=2036926368&gjid=65756963&_gid=1795375544.1701783706&_u=aEDAAUABAAAAACAAI~&z=984648064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 58ms
35ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-13&cid=62482574.1701783706&jid=80634289&_u=YEBAAUAAAAAAACAAI~&z=195215717

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
34ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-13&cid=62482574.1701783706&jid=80634289&_u=YEBAAUAAAAAAACAAI~&z=195215717

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 381ms
92ms Ping
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07664257835866408&referrer=&cht=gtm&marketerId=005a5005690ff4b80ef07b9d2e996efbcd%2C008bc3dff22866715329b6997ac2cf5331%2C0034c582a98b95833339fa383b971d1dc7&name=PAGE_VIEW&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:46 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 0d0bb96779372433b103d8e9cfed4b1f
Content-Length: 54
Content-Type: image/gif;

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 381ms
93ms Ping
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05855782180997193&referrer=&marketerId=005a5005690ff4b80ef07b9d2e996efbcd%2C008bc3dff22866715329b6997ac2cf5331%2C0034c582a98b95833339fa383b971d1dc7&name=View%20Content&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:46 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5dbcd5a9741629226d53dde7c262f417
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 380ms
94ms Script
application/javascript 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=005a5005690ff4b80ef07b9d2e996efbcd,008bc3dff22866715329b6997ac2cf5331,0034c582a98b95833339fa383b971d1dc7
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:46 GMT
content-encoding: br
X-TraceId: cabc6516c166e696d4d893bc0807d3c4
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 005a5005690ff4b80ef07b9d2e996efbcd Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 40ms
10ms Script
text/html 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/005a5005690ff4b80ef07b9d2e996efbcd
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:45 GMT
Content-Encoding: gzip
ob-sent-time: 1701736712521
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 15f0d67e1d92212f581c89a77e85b572
Content-Length: 22
Expires: Tue, 05 Dec 2023 13:42:45 GMT

GET
H/1.1 200
OK 008bc3dff22866715329b6997ac2cf5331 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 40ms
11ms Script
text/html 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/008bc3dff22866715329b6997ac2cf5331
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:45 GMT
Content-Encoding: gzip
ob-sent-time: 1701758663798
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 83aa3b12e76188e47620dc92bda0b550
Content-Length: 22
Expires: Tue, 05 Dec 2023 13:42:45 GMT

GET
H/1.1 200
OK 0034c582a98b95833339fa383b971d1dc7 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 39ms
10ms Script
text/html 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/0034c582a98b95833339fa383b971d1dc7
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 13:41:45 GMT
Content-Encoding: gzip
ob-sent-time: 1701708167934
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: d595744d5ab4c580b2fedd811223890d
Content-Length: 22
Expires: Tue, 05 Dec 2023 13:42:45 GMT

GET
H2 200 187060998.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187060998.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d02f0712dfdac77bbddfc39b9746f44fc6bc3d9fd9569588a5040dc005bc7586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 05 Dec 2023 13:41:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 976F5F1F508A4979A46FCD8B37CAFC9C Ref B: FRA31EDGE0212 Ref C: 2023-12-05T13:41:45Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187060998&Ver=2&mid=2662d3d3-aa8f-4cf3-a92a-7da0cf7522cb&sid=0828bc90937411ee8260032ec18b7d07&vid=0828f410937411eead4b834a8eab53e4&vids=1&msclkid=N&pi=1200101525&lg=en-US&tl=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&p=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&r=&lt=1735&evt=pageLoad&sv=1&rn=75826

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E5060641B7F42A286B813112F1D3826 Ref B: FRA31EDGE0212 Ref C: 2023-12-05T13:41:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-103606589-7&cid=62482574.1701783706&jid=1542925025&gjid=1242075838&_gid=1795375544.1701783706&_u=aEDAAUABAAAAACAAI~&z=2048160471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-103606589-8&cid=62482574.1701783706&jid=1458771791&gjid=2103536143&_gid=1795375544.1701783706&_u=aEDAAUABAAAAACAAI~&z=802773768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-103606589-2&cid=62482574.1701783706&jid=1602181260&gjid=1660598621&_gid=1795375544.1701783706&_u=aEDAAUABAAAAACAAI~&z=1541818828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DSJX8HM25C&gtm=45je3bt0v9136855741&_p=1701783704788&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=62482574.1701783706&ul=en-us&sr=undefinedxundefined&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701783705&sct=1&seg=0&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&en=page_view&_fv=1&_ss=1&tfd=2047
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DSJX8HM25C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 14ms
14ms Script
application/javascript 2.19.120.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8TARN0O6OK0DA72RBU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: e1496988
date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073132D100049A8BDE3C03ECF9
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0185dfab32b7b781d5b000d81b2e497fdc632bb0d5a15e814213d5c3d4d3a8ced8f4b493fa91a0ad62cb4b0a478a4cdf7b0c9c05645076b035289e3fd956bc3efef82b14a33d1b1c3405b2cc7f181120c0cbb56cc681d7eb0ab29f1016fc977276
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 108270

GET
H3 200 679176527157374 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/679176527157374?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b048ea0c2a9e0bbbddc21bb17ba91ba41b76960712d90fc60f8f40ea90aec62c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: BPEywVEQZ+qYxjKQNt5Sj9dIOoRLBxxfDnBHFpphedxtfUEuemOqgpLYbsUL5HhGYoqKMpA+TK8Fe8+lzc+uqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3362388593882789&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783705806&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-141CS4V595&gtm=45je3bt0v9135829176&_p=1701783704788&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=62482574.1701783706&ul=en-us&sr=undefinedxundefined&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701783705&sct=1&seg=0&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&en=page_view&_fv=1&_ss=1&tfd=2114
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-141CS4V595&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-141CS4V595&cid=62482574.1701783706&gtm=45je3bt0v9135829176&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-141CS4V595&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-141CS4V595&cid=62482574.1701783706&gtm=45je3bt0v9135829176&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1434084125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WTKMF044CT&gtm=45je3bt0v9134451713&_p=1701783704788&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=62482574.1701783706&ul=en-us&sr=undefinedxundefined&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701783705&sct=1&seg=0&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&en=page_view&_fv=1&_ss=1&tfd=2144
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTKMF044CT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WTKMF044CT&cid=62482574.1701783706&gtm=45je3bt0v9134451713&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTKMF044CT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WTKMF044CT&cid=62482574.1701783706&gtm=45je3bt0v9134451713&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2098396951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Z9QZH114R&gtm=45je3bt0v9133697174&_p=1701783704788&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=62482574.1701783706&ul=en-us&sr=undefinedxundefined&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701783705&sct=1&seg=0&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&en=page_view&_fv=1&_ss=1&tfd=2169
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Z9QZH114R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6Z9QZH114R&cid=62482574.1701783706&gtm=45je3bt0v9133697174&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Z9QZH114R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6Z9QZH114R&cid=62482574.1701783706&gtm=45je3bt0v9133697174&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1407322642

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 36ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-7&cid=62482574.1701783706&jid=1542925025&_u=aEDAAUABAAAAACAAI~&z=1033316635

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-7&cid=62482574.1701783706&jid=1542925025&_u=aEDAAUABAAAAACAAI~&z=1033316635

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-8&cid=62482574.1701783706&jid=1458771791&_u=aEDAAUABAAAAACAAI~&z=1643713382

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-8&cid=62482574.1701783706&jid=1458771791&_u=aEDAAUABAAAAACAAI~&z=1643713382

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-2&cid=62482574.1701783706&jid=1602181260&_u=aEDAAUABAAAAACAAI~&z=641254718

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 37ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-103606589-2&cid=62482574.1701783706&jid=1602181260&_u=aEDAAUABAAAAACAAI~&z=641254718

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187060998 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 122ms
102ms Script
application/x-javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187060998
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187060998.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56687e49a340dc8eb62bfb5c2b4a7c1a8dfd5533068f7a4af0eb53ce3f70dbfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Tue, 05 Dec 2023 13:41:46 GMT
x-azure-ref: 20231205T134145Z-rgc43k83up57va6vpuq6z0tyas0000000730000000004a61
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 1188815008409875 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1188815008409875?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4f3166b8d9b5e82d9d848afd490eef98a4591e75b68a348cd837c95235a72871

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: aSnLexSIasl8/k9DtAUnTV2d6c+Uev84j6MZhYxUkNTunzY3Ln72uxz250UhtljM/yEZMtKtBha/hmDAAEpmtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679176527157374&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783705940&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 13ms
13ms Script
application/javascript 2.19.120.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: e1496b5f
date: Tue, 05 Dec 2023 13:41:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073132D20947A3E368F6ECDFFE
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-119-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0185dfab32b7b781d5b000d81b2e497fdc632bb0d5a15e814213d5c3d4d3a8ced8181b80a4891abdba77408114150871cd169fd5c94f93ab304bfbe8245e11f699ddd89ae64d9c965f661dfb8768d465b826593a3a198841278f76b492d094642d
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 36162

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 143ms
143ms Ping
text/plain 2.19.120.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4bd71b3d.e1496bc9
date: Tue, 05 Dec 2023 13:41:46 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231205134146147FAE23493CC1C277A9-513F547117BF1723-00
x-cache: TCP_MISS from a2-19-119-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 127,2.19.119.27
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=41, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231205134146147FAE23493CC1C277A9
x-cache-remote: TCP_MISS from a23-48-200-170.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.48.200.170
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c21022e767dc3de20cbf9dd03b05b3d750f455ea1891bd20d896f2435de3134186fbbf3f4c3fd373d21ca813990f30b28ba338fe5f982a6eda8b4acb107253cecd69fd14551ddb0510eac488c01625132357e4cf95e51192dd2a739875d9bb337f0d
access-control-allow-headers: Authorization,*
expires: Tue, 05 Dec 2023 13:41:46 GMT

GET
H3 200 685835109853492 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/685835109853492?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4111259b61debc047bfca0411b8e0a0ae1aefd6736fad356085eee089abf195

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: Bx3hfkBDdSkNah4bt2lzMa4dgmeq9BdUQW4ZfYsvyKpRnJHmtQ8lcimCkh927EACEnCXEJiMz1Xu7NpOnv7J6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 9ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1188815008409875&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706031&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 15ms
14ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187060998
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:41:46 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231205T134146Z-rgc43k83up57va6vpuq6z0tyas0000000730000000004a6y
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 105478522442200 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/105478522442200?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dba68c581990ee3b81703582125d1f0a31830675ce3bcd3f5f99f16f33017ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: gUigklrSFvCbsevmKuuLaYm10OwUiF2y852ihsvSZ2KPEIaqcUf8nrpnaOvRxQHAvNAJMWHjp4X5xCe5Xpf9GQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=685835109853492&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706117&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
298 B 440ms
197ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.underweark.com
Date: Tue, 05 Dec 2023 13:41:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
843 B 131ms
130ms Ping
text/plain 2.19.120.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4bd7795e.e1496dcc
date: Tue, 05 Dec 2023 13:41:46 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231205134146147FAE23493CC1C277B9-513F547117BF1873-00
x-cache: TCP_MISS from a2-19-119-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 110,2.19.119.27
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=25, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231205134146147FAE23493CC1C277B9
x-cache-remote: TCP_MISS from a23-48-200-170.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.48.200.170
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c21022e767dc3de20cbf9dd03b05b3d750f455ea1891bd20d896f2435de3134186fbbf3f4c3fd373d21ca813990f30b28ba338fe5f982a6eda8b4acb107253cecd6935aa8f322895f13e681833c2d65e90073998702c2ece8a0803fb7fb76b5b5adf
access-control-allow-headers: Authorization,*
expires: Tue, 05 Dec 2023 13:41:46 GMT

GET
H3 200 684449170077845 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 106ms
105ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/684449170077845?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ebb1a8079338b2d1a1cb09dea8446c5e6961198358f91534f1dac4e206972eb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: 10FE5c8ScVb8Pkw/mzyvYx+N7HDlDP8/evoxCF2kLaw9qT++U17xbfAxscEKNZ6+Ayvc4wg7COo0k9w7N9LiZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=105478522442200&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706225&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 202915749024417 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/202915749024417?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83a59620897a7be55a688c9b4d38d27ce01b4eb3d8ec5146595b491d97ac01b5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: aFgHsvnPpF7m79mZkYirfPLZMjodsY3BztWq4VjlC2yGacFykZrmVP4H2143NNxq3t3+uWGVEgyGVAkrsCIlTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=684449170077845&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706358&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1317397272524907 Show response
connect.facebook.net/signals/config/ 142 KB
37 KB 95ms
94ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1317397272524907?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e732cc4596e766ca015dc0141af72f8fc361c2ee11d86d102a5664a8ca08a5e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: oz1ZcZ1ooLwe12e09vjnhEL0tK8VaRIZ85dIL0JefPrKiqPNieFzOlewBpgM2Ye0TYTOL6uZoRFhot+swZvMQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202915749024417&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706461&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1014087142939702 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1014087142939702?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a04d8465f9010ca827a9baa6a935d9e791db217c75c0e32b1e92479338b428f5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: jlKH0T2b1DKPnMh9ChD+MsACrsu1tIrcSb29kDjmq566F0E4lkgvpZeC2eVQXVsG+b/t4ulS6inK+aCJ8EdtdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1317397272524907&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706573&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&hmd=4ad863f562bf8611545600c5&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1317397272524907&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706574&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&hmd=4ad863f562bf8611545600c5&it=1701783705597&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 841070771085024 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/841070771085024?v=2.9.138&r=stable&domain=get.underweark.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33fd1411e58575507d772f7e2e9ef36b341efcd763091745c9b9b699e1f528fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: jAf9W7WVOBtswW70UtwUThnbvwwmtgz5kM6gdSll0jWMPrDiF/KRplC5LOyrG8ThaB1F+a6p1ZZUHzOVqQm/zg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1014087142939702&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706653&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=841070771085024&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3FomnisendContactID%3D64e031c67c1e7231d35ca1b9%26utm_campaign%3Dcampaign%253A%2B1205%2B%2528656e8bca0b5790e08f4a53dd%2529%26utm_medium%3Demail%26utm_source%3Domnisend&rl=&if=false&ts=1701783706732&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701783705805.2051988531&ler=empty&it=1701783705597&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 13:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&RedC=c.clarity.ms&MXFR=3D57A6AFDE546CF4315BB571DA546262
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&MUID=3C45002961B968430BDE13F7603269FC

42 B
444 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&MUID=3C45002961B968430BDE13F7603269FC
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:46 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:41:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B7872F032C54EBD94ABCC8FEFF2E674 Ref B: FRA31EDGE0212 Ref C: 2023-12-05T13:41:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=04CEA2E2B38E472E8724949038C585D8&MUID=3C45002961B968430BDE13F7603269FC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
298 B 97ms
96ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.underweark.com
Date: Tue, 05 Dec 2023 13:41:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
298 B 97ms
97ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://get.underweark.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.underweark.com
Date: Tue, 05 Dec 2023 13:41:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.underweark.com/	1970-01-20 16:43:10	Name: XSRF-TOKEN Value: eyJpdiI6IjNFSkN1V3JDV2ViemNWbjZxYTNPUWc9PSIsInZhbHVlIjoiRUJLUDdDWUJJcU9jalVqdUg5UXQwZkxzT0gyeEljXC8zc05FYjkzTTlhYlNnKzRDTTBvenZoZEloclh6dnZacTlSN3ZhY0YrS3RiUlVOS0lWS1Fhc1R3PT0iLCJtYWMiOiIyNjIyYTQ4OTkzZjdkY2IyMjllNzY0ZjQyY2Q2MWE3MDM2YmE5YjkzM2ZjNWJjZTQwNzRiYjEzMmQwOTI5ZGVkIn0%3D
get.underweark.com/	1970-01-20 16:43:10	Name: laravel_session Value: eyJpdiI6IjFSUkhjbHo4SGZkbWsxNkNnWUg1OEE9PSIsInZhbHVlIjoiTFNZaDZoNTVRSkFHSW5ZSnhBWG4rc2Q4VStlTHlpcHN0ZEJWTjM4MlczOGJuUXRnOHltXC80eE80S3ltUXFTWjAwNXcrdzdZTFhKVlp4UHI0XC81akRLdz09IiwibWFjIjoiNGE1OGJlZGQ4NzUwNmM3NmRhNTI1MTczZDJhZWRhYWZkNTc2NWJmYmRmMWQzMWUyMGE1N2M5ZDg5OGJjN2U5NyJ9
.underweark.com/	1970-01-20 18:52:39	Name: _gcl_au Value: 1.1.313745194.1701783705
.underweark.com/	1970-01-20 16:44:30	Name: _gid Value: GA1.2.1795375544.1701783706
.underweark.com/	1970-01-20 16:43:03	Name: _gat_gtag_UA_103606589_13 Value: 1
.underweark.com/	1970-01-20 16:43:03	Name: _gat_gtag_UA_158751611_2 Value: 1
.underweark.com/	1970-01-20 16:43:03	Name: _gat_gtag_UA_103606589_7 Value: 1
.underweark.com/	1970-01-20 16:43:03	Name: _gat_gtag_UA_103606589_8 Value: 1
.underweark.com/	1970-01-20 16:43:03	Name: _gat_gtag_UA_103606589_2 Value: 1
.tiktok.com/	1970-01-21 02:04:39	Name: _ttp Value: 2Z7qwiAYDc06A8mN28tNDXOOCN7
.underweark.com/	1970-01-21 02:19:03	Name: _ga_3HXTHTNK1P Value: GS1.1.1701783705.1.0.1701783705.60.0.0
.underweark.com/	1970-01-21 02:19:03	Name: _ga Value: GA1.1.62482574.1701783706
.underweark.com/	1970-01-20 16:44:30	Name: _uetsid Value: 0828bc90937411ee8260032ec18b7d07
.underweark.com/	1970-01-21 02:04:39	Name: _uetvid Value: 0828f410937411eead4b834a8eab53e4
.bing.com/	1970-01-21 02:04:39	Name: MUID Value: 3C45002961B968430BDE13F7603269FC
.underweark.com/	1970-01-21 02:19:03	Name: _ga_DSJX8HM25C Value: GS1.1.1701783705.1.0.1701783705.0.0.0
.underweark.com/	1970-01-20 18:52:39	Name: _fbp Value: fb.1.1701783705805.2051988531
.underweark.com/	1970-01-21 02:19:03	Name: _ga_141CS4V595 Value: GS1.1.1701783705.1.0.1701783705.60.0.0
.underweark.com/	1970-01-21 02:19:03	Name: _ga_WTKMF044CT Value: GS1.1.1701783705.1.0.1701783705.60.0.0
.underweark.com/	1970-01-21 02:19:03	Name: _ga_6Z9QZH114R Value: GS1.1.1701783705.1.0.1701783705.60.0.0
.underweark.com/	1970-01-21 02:04:39	Name: _tt_enable_cookie Value: 1
.underweark.com/	1970-01-21 02:04:39	Name: _ttp Value: xijK7vHf4xplhDaf70-dHd20Jnx
www.clarity.ms/	1970-01-21 01:28:39	Name: CLID Value: 008f4bdc00e14545a919b4d1c5aad08b.20231205.20241204
.underweark.com/	1970-01-21 01:28:39	Name: _clck Value: 1ix1mb7%7C2%7Cfha%7C0%7C1434
get.underweark.com/	1970-01-20 16:43:04	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1701783706128%7D
.underweark.com/	1970-01-20 16:44:30	Name: _clsk Value: lkz6lb%7C1701783706639%7C1%7C1%7Ct.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 16:53:08	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:04:39	Name: SRM_B Value: 3C45002961B968430BDE13F7603269FC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:04:39	Name: MUID Value: 3C45002961B968430BDE13F7603269FC
.c.clarity.ms/	1970-01-20 16:53:08	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:43:04	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d1y4tm6t3pzfj.cloudfront.net
get.underweark.com
nmg.soundestlink.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
t.clarity.ms
tr.outbrain.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2.19.120.27
2.19.85.55
20.114.189.70
2001:4860:4802:32::36
2600:9000:225e:1e00:1a:f135:a7c0:21
2606:4700:3035::6815:14d7
2606:4700:4400::ac40:914e
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:810::2003
2a00:1450:4001:827::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
68.219.88.97
70.42.32.255
0c138db1d21a230313f48b05de382efbc504fe941d57f992bdd8533e81b6d500
113af6e44c1cdce0562094dbd246be8203975fe4408425d3797e367fd5ff469b
121204573e328dabf3df103b30ff6bf432a455c63d57f04e218acad748ab824a
14c46e8330d44fe73dcd3dad90b86eefedbd9d61257e0728bf0f9ff5fe80f0c8
17851dcc7dd13599a831f93a6357df2725c412a601fdfa2fafa051f5c712045d
18616cf7be89a43a9d876817bc7d05a5f11e4658dc645c78d5d55eefccb9daa4
1ae5dd2a553f9526989415b58954481fd5a424c71d6b6ccf419f3bd725fe885f
1d13618ae23b6092aacbb993641b84df3da2d8d0c91286ea1d79622b3faf4979
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21e4b3c8bdc973a3cb6ebc4811721e9a240dd185f18395a32595f03569a7ba72
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31dbad4717ea18d9b4a3d9a96eda42807563b89e1b5be48166e8f1d44a2aa2ac
33fd1411e58575507d772f7e2e9ef36b341efcd763091745c9b9b699e1f528fb
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e985bbf32dd33d9c9c659bd195dd36b7f3004441e713d0d48e6dc225f4d0a32
415a387651469a1111375f0d66ebfd399fec3377c42f30f7daad6723904dfc35
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f3166b8d9b5e82d9d848afd490eef98a4591e75b68a348cd837c95235a72871
527af11e61daa3e3d62430ecff57c6177c427d571710864246b4bf3d6199ebb0
55d0490c769faccc052efe705ab252e4343c87e3c633fee48e84ee4f619ad633
56687e49a340dc8eb62bfb5c2b4a7c1a8dfd5533068f7a4af0eb53ce3f70dbfa
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
602a79c657d146bc1d484084b526896be318700840633658a0af895660585978
605ba7e9f2665e354649a736c35524901a5b5a2238e87298cedcd5727ee996ea
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72bde33802b83dd7a05532cdf9a1951b3d4e2757d8997256199d8da39dd5bba7
82335add5269929fc3c0fb260691f0316c40d35c87dceda5b6db352a78b453e9
83a59620897a7be55a688c9b4d38d27ce01b4eb3d8ec5146595b491d97ac01b5
84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89696acb6a83d45df78fa0d802a6501d25e300838c39250113e638b81a9dff70
89cddaea647f633e274d1ac23b48cd7f797b5c2caba8ae0b2a727bb32eb5f7e2
8dba68c581990ee3b81703582125d1f0a31830675ce3bcd3f5f99f16f33017ac
8ebb1a8079338b2d1a1cb09dea8446c5e6961198358f91534f1dac4e206972eb
97c1f181dc969b04f7ea79b23d980c76764b424bd176480bee0c25223082229a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af81eb9abc896884c3bab25d37d1c26548c23ea2541aa10a4871d4b88003941
a04d8465f9010ca827a9baa6a935d9e791db217c75c0e32b1e92479338b428f5
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a69641384d42951fe8853a0db6316e4b09b64664fc25de919d6c996f02fdd8e9
b048ea0c2a9e0bbbddc21bb17ba91ba41b76960712d90fc60f8f40ea90aec62c
b4111259b61debc047bfca0411b8e0a0ae1aefd6736fad356085eee089abf195
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bd0dac9fa7bbe50935b6c9f84e6c609e62e408c776a1d3831d6d718d81bc3db6
c90a8ce5a38f7eeeefec4fd600b5fe74a970bf4a2f667eb9a97ff4d6e2218b1c
ca55f11ba4a95f15283e2ce5ae53a1fec88f8f783f8ef1dfc5c7d467e7ef673e
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d02f0712dfdac77bbddfc39b9746f44fc6bc3d9fd9569588a5040dc005bc7586
d3502546d7259608617e3f1840b44160b322b305e1697fef265f4dd22ec91729
d6be89949acf77484fc0ec75d82cc7b371fae352a4551cca8f7154d19e1a8512
d78c04018b61b681beb00d9cb54b099bdcef08cb81e2c9eec84d1ec1a8566f0e
dc0796a68bf8ffc9ee01d472ae117bdc1a23d7010d34a6a9228e796f5d9b9942
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b70d95f168e9a99f22d2c9085a8c66be5e5f851828b0e3a097d87dd9918114
e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66835236955f7011c82074aeeff7f88ebad593d021e022415bd66f76ea85189
e732cc4596e766ca015dc0141af72f8fc361c2ee11d86d102a5664a8ca08a5e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9dbf039fb5bad9aecf243aac15ab8899b5306a5ae5d1a168e1086ac2aa00cb0

get.underweark.com Open in urlscan Pro 2606:4700:3035::6815:14d7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

99 %HTTPS

72 %IPv6

14 Domains

21 Subdomains

17 IPs

4 Countries

5761 kBTransfer

9191 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.underweark.com Open in urlscan Pro
2606:4700:3035::6815:14d7 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

99 %
HTTPS

72 %
IPv6

14
Domains

21
Subdomains

17
IPs

4
Countries

5761 kB
Transfer

9191 kB
Size

32
Cookies

110 HTTP transactions
0 data transactions