urlscan.io logo urlscan.io
SecurityTrails logo

hmv.com Open in urlscan Pro
20.93.230.245  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/uo3mTqiHof
Effective URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Submission: On June 17 via manual from RS — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 51 HTTP transactions. The main IP is 20.93.230.245, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is hmv.com. The Cisco Umbrella rank of the primary domain is 386565.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 2nd 2024. Valid for: a year.
This is the only time hmv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 93.184.221.165 15133 (EDGECAST)
1 1 52.205.82.181 14618 (AMAZON-AES)
23 20.93.230.245 8075 (MICROSOFT...)
9 2606:2800:233... 15133 (EDGECAST)
2 34.117.175.203 396982 (GOOGLE-CL...)
2 2400:52e0:1e0... 60068 (CDN77 _)
1 52.222.236.107 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 52.222.236.71 16509 (AMAZON-02)
1 172.217.18.2 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.130 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 20.50.88.238 8075 (MICROSOFT...)
51 14
1    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
1    52.205.82.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-82-181.compute-1.amazonaws.com
ow.ly
23    20.93.230.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hmv.com
9    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.hmv.com
2    34.117.175.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.175.117.34.bc.googleusercontent.com
files.queue-fair.net
2    2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 _, GB)
cdn.usefathom.com
1    52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net
widget.trustpilot.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net
widget.trustpilot.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ade.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    20.50.88.238 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
32 hmv.com
hmv.com — Cisco Umbrella Rank: 386565
cdn.hmv.com — Cisco Umbrella Rank: 471575
498 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
ade.googlesyndication.com — Cisco Umbrella Rank: 335
1008 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
289 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 585
200 B
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5788
7 KB
2 usefathom.com
cdn.usefathom.com — Cisco Umbrella Rank: 22147
3 KB
2 queue-fair.net
files.queue-fair.net — Cisco Umbrella Rank: 376540
13 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2947
22 KB
1 ow.ly
ow.ly — Cisco Umbrella Rank: 120663
235 B
1 t.co
t.co — Cisco Umbrella Rank: 711
547 B
51 11
Domain Requested by
23 hmv.com t.co
hmv.com
cdn.hmv.com
9 cdn.hmv.com hmv.com
cdn.hmv.com
3 www.google-analytics.com www.googletagmanager.com
hmv.com
3 www.googletagmanager.com hmv.com
www.googletagmanager.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 ade.googlesyndication.com 1 redirects hmv.com
2 widget.trustpilot.com hmv.com
widget.trustpilot.com
2 cdn.usefathom.com hmv.com
2 files.queue-fair.net hmv.com
files.queue-fair.net
1 region1.google-analytics.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 az416426.vo.msecnd.net hmv.com
1 ow.ly 1 redirects
1 t.co
51 14
Subject Issuer Validity Valid
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.hmv.com
Go Daddy Secure Certificate Authority - G2		 2024-04-02 -
2025-05-04		 a year crt.sh
sni19d55gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-21 -
2025-06-21		 a year crt.sh
*.queue-fair.net
AlphaSSL CA - SHA256 - G4		 2024-01-10 -
2025-02-10		 a year crt.sh
cdn.usefathom.com
R3		 2024-05-22 -
2024-08-20		 3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://hmv.com/store/prize-draws/ghost-prize-draw
Frame ID: C311741A90F255D0900F1ABB002F9641
Requests: 49 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=47783f4d0000640005020d61
Frame ID: EAD785168642D698D4243BF3E3196C93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found | HMV Store

Page URL History Show full URLs

  1. https://t.co/uo3mTqiHof Page URL
  2. https://ow.ly/AurV50Sbuke HTTP 301
    https://hmv.com/store/prize-draws/ghost-prize-draw Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

51
Requests

98 %
HTTPS

40 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

855 kB
Transfer

1981 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/uo3mTqiHof Page URL
  2. https://ow.ly/AurV50Sbuke HTTP 301
    https://hmv.com/store/prize-draws/ghost-prize-draw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://ade.googlesyndication.com/ddm/activity/src=12431772;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefined;u5=undefined;u6=undefined;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0z8830646585za201zb830646585;gcs=G100;gcd=13q3q3q2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=12431772;dc_pre=CI25r5SK4oYDFfATogMd6n0OCw;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefined;u5=undefined;u6=undefined;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0z8830646585za201zb830646585;gcs=G100;gcd=13q3q3q2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
uo3mTqiHof
t.co/ 		230 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/uo3mTqiHof
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
177
content-type
text/html; charset=utf-8
date
Mon, 17 Jun 2024 07:08:38 GMT
expires
Mon, 17 Jun 2024 07:13:38 GMT
perf
7402827104
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
ade1e58c03ccc29b99c7e1534cd1b45f080042b711a0817432e828122547e01b
x-response-time
111
x-transaction-id
d5148179f494fbd7
x-xss-protection
0
Primary Request ghost-prize-draw
hmv.com/store/prize-draws/
Redirect Chain
  • https://ow.ly/AurV50Sbuke
  • https://hmv.com/store/prize-draws/ghost-prize-draw
146 KB
149 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hmv.com/store/prize-draws/ghost-prize-draw
Requested by
Host: t.co
URL: https://t.co/uo3mTqiHof
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c22cade020dd5d406bc745f1c271899a119e79921a1ddebce46df1815782c3a6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://t.co/uo3mTqiHof
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
149577
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-type
text/html; charset=utf-8
date
Mon, 17 Jun 2024 07:08:39 GMT
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
x-ua-compatible
IE=Edge

Redirect headers

content-length
0
date
Mon, 17 Jun 2024 07:08:39 GMT
location
https://hmv.com/store/prize-draws/ghost-prize-draw
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
source-sans-pro-regular.woff2
hmv.com/assets/fonts/ 		16 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
last-modified
Wed, 24 Apr 2024 08:15:35 GMT
etag
"9b286a951f96da1:0"
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
font/woff
access-control-allow-origin
https://hmv.com
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
16112
x-ua-compatible
IE=Edge
source-sans-pro-italic.woff2
hmv.com/assets/fonts/ 		15 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/fonts/source-sans-pro-italic.woff2
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
last-modified
Wed, 24 Apr 2024 08:15:35 GMT
etag
"727759951f96da1:0"
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
font/woff
access-control-allow-origin
https://hmv.com
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
15280
x-ua-compatible
IE=Edge
source-sans-pro-semibold.woff2
hmv.com/assets/fonts/ 		16 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/fonts/source-sans-pro-semibold.woff2
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
last-modified
Wed, 24 Apr 2024 08:15:35 GMT
etag
"437778951f96da1:0"
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
font/woff
access-control-allow-origin
https://hmv.com
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
15948
x-ua-compatible
IE=Edge
source-sans-pro-bold.woff2
hmv.com/assets/fonts/ 		15 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/fonts/source-sans-pro-bold.woff2
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
last-modified
Wed, 24 Apr 2024 08:15:35 GMT
etag
"6cc648951f96da1:0"
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
font/woff
access-control-allow-origin
https://hmv.com
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
15764
x-ua-compatible
IE=Edge
main.638495433350598591.css
cdn.hmv.com/assets/css/ 		270 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/css/main.638495433350598591.css
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C83) / ASP.NET
Resource Hash
ad018dd39d5c3b0205546bdb43ff90b137dc8bbb9ac46a9d01948fc50a25fa05

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:39 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 08:15:16 GMT
server
ECAcc (frc/4C83)
age
4661473
etag
"02bf891f96da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
46328
expires
Wed, 18 Jun 2025 07:08:39 GMT
queue-fair-adapter.js
files.queue-fair.net/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.queue-fair.net/queue-fair-adapter.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.175.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.175.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ff6d21d7d3164aabc1b1aa08ddd372628d722d21f5e02e25c299fb80031dee3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:06:48 GMT
content-encoding
br
age
111
x-guploader-uploadid
ACJd0NoKscl8yalVxSw3aPJ3D9_efmLuA9jphGrOJWFk1e7nmxc66GUSC-ydqQ0fsYLZejh2E_sGhFg65Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10109
last-modified
Wed, 17 Apr 2024 00:08:24 GMT
server
UploadServer
etag
W/"af1f564476ceb7a5ff099751e6c1ea45"
vary
Accept-Encoding
x-goog-generation
1713312504266485
x-goog-hash
crc32c=w0TMVA==, md5=rx9WRHbOt6X/CZdR5sHqRQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300
x-goog-stored-content-length
22763
accept-ranges
none
content-type
application/javascript
expires
Mon, 17 Jun 2024 07:11:48 GMT
script.js
cdn.usefathom.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usefathom.com/script.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
br
cdn-edgestorageid
1080
x-vapor-base64-encode
True
cdn-cachedat
06/03/2024 13:51:53
cdn-pullzone
506217
last-modified
Thu, 11 Apr 2024 02:47:00 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
29bbe0857fdee49f0f9c59f25019dffd
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ftf_popupimage.jpg
cdn.hmv.com/r/w-1400/p-webp/hmv/media/misc/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hmv.com/r/w-1400/p-webp/hmv/media/misc/ftf_popupimage.jpg?height=600&ext=.jpg&width=320
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) / ASP.NET
Resource Hash
9e61bebec43f973ea1d1d7ff7baae946d41c9683b080b7e4731c9c806ef1e159

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:39 GMT
last-modified
Fri, 24 May 2024 12:06:30 GMT
server
ECAcc (frc/4CDE)
age
1997179
imageprocessedby
ImageProcessor/2.9.0.207 - ImageProcessor.Web/4.12.0.206
etag
"0x8DC7BE9F236622E"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
content-length
23450
expires
Thu, 18 Jul 2024 07:08:39 GMT
modernizr-custom.638525648790944012.js
cdn.hmv.com/assets/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/js/lib/modernizr-custom.638525648790944012.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE4) / ASP.NET
Resource Hash
e1a0e45c555b7e55fae7b8d7df643c261c7892bd720693cd5200267139726529

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:39 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 07:34:23 GMT
server
ECAcc (frc/4CE4)
age
1639992
etag
"80291aa09ab1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
2376
expires
Wed, 18 Jun 2025 07:08:39 GMT
main.638525648741538579.js
cdn.hmv.com/assets/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/js/main.638525648741538579.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) / ASP.NET
Resource Hash
441b1d5d78245e26202881c7fb7fdfd03aff3a8aa7c6bebe76808dafdb796f82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 07:34:20 GMT
server
ECAcc (frc/4CD4)
age
1639993
etag
"066509e9ab1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4431
expires
Wed, 18 Jun 2025 07:08:40 GMT
logger.js
hmv.com/kentico.resource/activities/kenticoactivitylogger/ 		697 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=27
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba505fa77f8fd28a44c3a5c369623970424f160a3e488ce9a1cfd7753d329e63
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
x-content-type-options
nosniff
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private
content-length
514
x-ua-compatible
IE=Edge
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:37:57 GMT
content-encoding
gzip
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P4
age
19844
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
F9FMuk_vXjZS6Wpjva66wuyI0g7x3xROZ6RxzPY3sV6HeCXWlLZ2_A==
gtm.js
www.googletagmanager.com/ 		318 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MLQPG27
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a32363d03364e89e04f3a1645eb552f8b0d3fef1cc23c95de2d3d5e1342ec6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109184
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jun 2024 07:08:40 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
192
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
81aed076-d01e-0001-5884-c012fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 17 Jun 2024 07:38:40 GMT
queue-fair-settings.js
files.queue-fair.net/hmv/ 		30 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.queue-fair.net/hmv/queue-fair-settings.js
Requested by
Host: files.queue-fair.net
URL: https://files.queue-fair.net/queue-fair-adapter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.175.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.175.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
486489964662d237863f50ac2821bee62d9fbc02f3742f973a9a7d87c4c9457b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:07:07 GMT
content-encoding
br
age
93
x-guploader-uploadid
ABPtcPrhyS1Q4J7PssP04r3vqdZINw4rpAW4YmuNwLuHXlNAr8JvzjQlKA6LxHQSTX9iLOCfyI04Lc2Xvw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1937
last-modified
Sat, 15 Jun 2024 16:03:53 GMT
server
UploadServer
etag
W/"ce58c058f7003c3428483e1fa58bd01b"
vary
Accept-Encoding
x-goog-generation
1718467433888361
x-goog-hash
crc32c=UxXsWw==, md5=zljAWPcAPDQoSD4fpYvQGw==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300
x-goog-stored-content-length
30531
accept-ranges
none
content-type
application/javascript
expires
Mon, 17 Jun 2024 07:12:07 GMT
icons.svg
hmv.com/assets/img/ 		75 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/img/icons.svg
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b305207df2e12c52a040829b6c5a0945b8841cb041a0b0cb77103c9829e2d67c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
26059
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 24 Apr 2024 08:15:36 GMT
etag
"0c4aa951f96da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
print.638495433351870977.css
cdn.hmv.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/css/print.638495433351870977.css
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8C) / ASP.NET
Resource Hash
a231667100f18bdb1dfe8856970a8f2b63219926d9e691eb58264beadb7a54ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 08:15:16 GMT
server
ECAcc (frc/4C8C)
age
4661473
etag
"02bf891f96da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
1252
expires
Wed, 18 Jun 2025 07:08:40 GMT
source-sans-pro-regular.woff2
cdn.hmv.com/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/css/main.638495433350598591.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE9) / ASP.NET
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.hmv.com/assets/css/main.638495433350598591.css
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
last-modified
Tue, 16 Apr 2024 08:36:55 GMT
server
ECAcc (frc/4CE9)
age
5351164
etag
"7096e23cd98fda1:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
16112
expires
Wed, 18 Jun 2025 07:08:40 GMT
source-sans-pro-semibold.woff2
cdn.hmv.com/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/fonts/source-sans-pro-semibold.woff2
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/css/main.638495433350598591.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) / ASP.NET
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.hmv.com/assets/css/main.638495433350598591.css
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
last-modified
Tue, 16 Apr 2024 08:36:55 GMT
server
ECAcc (frc/4CC2)
age
5351164
etag
"9de4f03cd98fda1:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
15948
expires
Wed, 18 Jun 2025 07:08:40 GMT
source-sans-pro-bold.woff2
cdn.hmv.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hmv.com/assets/fonts/source-sans-pro-bold.woff2
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/css/main.638495433350598591.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB2) / ASP.NET
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.hmv.com/assets/css/main.638495433350598591.css
Origin
https://hmv.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
last-modified
Tue, 16 Apr 2024 08:36:55 GMT
server
ECAcc (frc/4CB2)
age
5351164
etag
"fde5c53cd98fda1:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
15764
expires
Wed, 18 Jun 2025 07:08:40 GMT
log
hmv.com/kentico.activities/kenticoactivitylogger/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hmv.com/kentico.activities/kenticoactivitylogger/log
Requested by
Host: hmv.com
URL: https://hmv.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
text/plain
access-control-allow-origin
https://hmv.com
access-control-expose-headers
Request-Context
cache-control
private
content-length
0
x-ua-compatible
IE=Edge
index.html
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame EAD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=47783f4d0000640005020d61
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://hmv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
17785
cache-control
max-age=86400
content-encoding
gzip
content-length
2019
content-type
text/html
date
Mon, 17 Jun 2024 02:12:32 GMT
etag
"15c1a833433e5fb3549558663ab35585"
last-modified
Mon, 08 May 2023 11:42:34 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-id
JBA-F2LjLrho0mEF0KA9YNItZVeoORX4NSy8_aQ6VO8yXqL_U_h9wQ==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
983.9f87b31c27f36583f4f6.js
hmv.com/assets/js/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/983.9f87b31c27f36583f4f6.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823a960dc0428965c0eda9b96175a84b09b29adbe9da4386284bab1d9c974a1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
3668
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:34 GMT
etag
"0a1a8a69ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
3190.8b6d774c811c9f830743.js
hmv.com/assets/js/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/3190.8b6d774c811c9f830743.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f27843e8ffea8dd9f3cd4af41546becac6dffda2d039680345249d4b5d7f85ad
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
20731
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:31 GMT
etag
"80dddea49ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
6326.3311738ebeb75e57502f.js
hmv.com/assets/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/6326.3311738ebeb75e57502f.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93279ed9667f1cca4e98f3f630e7977089f89008ad0554e0621638991ab2f62f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
18807
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
6298.1034042d0af0a48a95f7.js
hmv.com/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/6298.1034042d0af0a48a95f7.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3e3c9c6f984232ce4b14be3e2773c274bb9cce5bba1d1197cca5a147dfa4b59
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
2477
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
4943.af298bf33e5bb3911beb.js
hmv.com/assets/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/4943.af298bf33e5bb3911beb.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82106421e4278c39d8b82c38aac06ba3d267b8b6c511ecdd96a48831da291613
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
3582
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
9758.3b40107faf0d8bd2dd1d.js
hmv.com/assets/js/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/9758.3b40107faf0d8bd2dd1d.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d77ee5f80b89b41c0ef105a197cb87416ed4adc59803b9e44c716e1a10f8736
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
3438
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:33 GMT
etag
"80a10a69ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
2278.94c246df69b5efe5a563.js
hmv.com/assets/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/2278.94c246df69b5efe5a563.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f74abf840bd300b0887f9d1ef2b9386e0ec38efe1092510f172bf07f6e7d1e30
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
1026
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:31 GMT
etag
"80dddea49ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
5582.a4f93be0cc142602b03d.js
hmv.com/assets/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/5582.a4f93be0cc142602b03d.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4485f361c24df8523aa5d62bc33ddd3e0b7aa13951edab205bb586c209c8daac
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
885
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
130.fb34a5532adcb7c88d75.js
hmv.com/assets/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/130.fb34a5532adcb7c88d75.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
605f245846ca8231389e8ce0e1a6257c1c025686859b83547bf1d6c81d4e1cca
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
959
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:31 GMT
etag
"80dddea49ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
9327.feb2cefafe7c5b1d6a58.js
hmv.com/assets/js/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/9327.feb2cefafe7c5b1d6a58.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6bc0902862663dbd0f4d2e6b5d7881c5bc3777de78f863c9a0a48af2f4e363cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
1893
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:33 GMT
etag
"80a10a69ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
4813.b4740c4884b263192002.js
hmv.com/assets/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/4813.b4740c4884b263192002.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c543195cfebd48653126419cb0b199d2459014e180d7c80eb039e5abd29cc98a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
4484
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
4224.93efb0f595ef45474b7e.js
hmv.com/assets/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/4224.93efb0f595ef45474b7e.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
467329aef5f6b7c16840438013fa6944474db090b214f6fbf7ac56712cf163df
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
3147
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
6120.b9cf62c3f311ed9f4a92.js
hmv.com/assets/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmv.com/assets/js/6120.b9cf62c3f311ed9f4a92.js
Requested by
Host: cdn.hmv.com
URL: https://cdn.hmv.com/assets/js/main.638525648741538579.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf98de9e1788f42e174807602278525a8c4581ad8abc81fb71458686d0b50ae8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
content-length
1349
x-ua-compatible
IE=Edge
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
last-modified
Wed, 29 May 2024 07:34:32 GMT
etag
"07477a59ab1da1:0"
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public,max-age=31536000
accept-ranges
bytes
/
cdn.usefathom.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.usefathom.com/?h=https%3A%2F%2Fhmv.com&p=%2Fhttperrors%2Fnotfound&r=https%3A%2F%2Ft.co%2F&sid=UZUGLRHV&qs=%7B%7D&cid=19064097
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
cdn-edgestorageid
1082
cdn-cachedat
06/17/2024 07:08:40
cdn-pullzone
506217
content-length
43
pragma
no-cache
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
tk
N
content-type
text/plain; charset=utf-8, image/gif
cdn-cache
MISS
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
cb90231003035301580e9421cb67f336
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5&tag_exp=0&rnd=1602172496.1718608120&url=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw&dma_cps=-&dma=1&npa=1&gtm=45He46c0n81MLQPG27v830646585za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLQPG27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 07:08:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLQPG27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jun 2024 06:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2372
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 17 Jun 2024 08:29:08 GMT
destination
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12431772&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLQPG27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acf76b7b32e6ec403091cc5517ee0e58b4a733ebc373f742b0c13194ab3ef1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75674
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jun 2024 07:08:40 GMT
js
www.googletagmanager.com/gtag/ 		358 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WJW9FR9YBD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLQPG27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85a4d1a39d169f2063022ab44c8143d22f4bde5ca0a8a36f6a16ba20f3ee5a86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110895
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jun 2024 07:08:40 GMT
basket
hmv.com/api/ 		431 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmv.com/api/basket?
Requested by
Host: hmv.com
URL: https://hmv.com/assets/js/6298.1034042d0af0a48a95f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cced8320953eaa0488c6151cdac14ba323f4e053fafcfe50c985d36a289e55be
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=Edge
pragma
no-cache
date
Mon, 17 Jun 2024 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
expires
-1
vary
Accept-Encoding
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
381
request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
src=12431772;dc_pre=CI25r5SK4oYDFfATogMd6n0OCw;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefined;u5=undefin...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=12431772;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefin...
  • https://ade.googlesyndication.com/ddm/activity/src=12431772;dc_pre=CI25r5SK4oYDFfATogMd6n0OCw;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=12431772;dc_pre=CI25r5SK4oYDFfATogMd6n0OCw;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefined;u5=undefined;u6=undefined;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0z8830646585za201zb830646585;gcs=G100;gcd=13q3q3q2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw?
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://hmv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jun 2024 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=12431772;dc_pre=CI25r5SK4oYDFfATogMd6n0OCw;type=counter;cat=hmvst0;ord=7130955554062;npa=1;u1=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw;u2=undefined;u3=undefined;u5=undefined;u6=undefined;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0z8830646585za201zb830646585;gcs=G100;gcd=13q3q3q2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ftf_popupimage.jpg
cdn.hmv.com/r/w-1400/p-webp/hmv/media/misc/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hmv.com/r/w-1400/p-webp/hmv/media/misc/ftf_popupimage.jpg?height=600&ext=.jpg&width=640
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) / ASP.NET
Resource Hash
9e61bebec43f973ea1d1d7ff7baae946d41c9683b080b7e4731c9c806ef1e159

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:08:40 GMT
last-modified
Fri, 24 May 2024 12:06:30 GMT
server
ECAcc (frc/4CDE)
age
1997180
imageprocessedby
ImageProcessor/2.9.0.207 - ImageProcessor.Web/4.12.0.206
etag
"0x8DC7BE9F236622E"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
content-length
23450
expires
Thu, 18 Jul 2024 07:08:40 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WJW9FR9YBD&gtm=45je46c0v875681688z8830646585za200zb830646585&_p=1718608120074&gcs=G100&gcd=13q3q3q2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&gtm_up=1&cid=1103218627.1718608121&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1718608120&sct=1&seg=0&dl=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw&dr=https%3A%2F%2Ft.co%2F&dt=Page%20not%20found%20%7C%20HMV%20Store&en=page_view&_fv=1&_nsi=1&_ss=1&ep.firstPathCategory=prize-draws&ep.secondPathCategory=ghost-prize-draw&up.cdv=&tfd=1795&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WJW9FR9YBD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 07:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hmv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1247101495&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw&dr=https%3A%2F%2Ft.co%2F&ul=en-gb&de=UTF-8&dt=Page%20not%20found%20%7C%20HMV%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=404&ea=View&el=%2Fstore%2Fprize-draws%2Fghost-prize-draw&_u=YAgAAAABAAAAAAAAAk~&cid=1103218627.1718608121&tid=UA-7975044-1&_gid=307249978.1718608121&gtm=45He46c0n81MLQPG27v830646585za200&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=690872447
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 02:28:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16797
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1247101495&t=pageview&_s=1&dl=https%3A%2F%2Fhmv.com%2Fstore%2Fprize-draws%2Fghost-prize-draw&dr=https%3A%2F%2Ft.co%2F&ul=en-gb&de=UTF-8&dt=Page%20not%20found%20%7C%20HMV%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCgAiAABBAAAAAAAAk~&cid=1103218627.1718608121&tid=UA-7975044-1&_gid=1766839676.1718608121&gtm=45He46c0n81MLQPG27v830646585za200&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=202010436
Requested by
Host: hmv.com
URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 02:28:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16797
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
df809cda70131154400f16c3ded25d94fbebda5b0f8f93bd16bacc2443eef04b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://hmv.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Mon, 17 Jun 2024 07:08:41 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://hmv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 17 Jun 2024 07:08:41 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
hmv.com/ 		7 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hmv.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.93.230.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
480360b7f856426b2179fdd3efa495e9171aed860c392ecc3290f6afc17df100
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmv.com/store/prize-draws/ghost-prize-draw
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:35180e5d-89db-49a4-b4c9-0a52a70d8f80
date
Mon, 17 Jun 2024 07:08:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; img-src 'self' data: https://*.hmv.com https://*.usefathom.com https://*.googleapis.com https://*.addressy.com https://*.brcdn.com https://*.brsrvr.com https://*.cloudfront.net https://*.googletagmanager.com https://*.gstatic.com https://*.msecnd.net https://*.scarabresearch.com https://*.visualstudio.com https://*.worldpay.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.sessioncam.com https://*.facebook.com https://*.google.com https://*.google.co.uk https://*.twitter.com https://hmvliveblobstorage.blob.core.windows.net https://*.emarsys.net https://*.hotjar.com wss://*.hotjar.com https://*.queue-fair.net https://widget.trustpilot.com https://*.klarnaservices.com https://*.klarnacdn.net https://*.simplecast.com https://hmv.com https://*.trustpilot.com https://*.mention-me.com https://mention-me.com https://*.uk.exponea.com https://*.klarna.com https://*.klarnaevt.com https://*.clarity.ms https://*.googlesyndication.com; frame-ancestors
last-modified
Mon, 22 Nov 2021 12:42:40 GMT
etag
"f2c2c86f9edfd71:0"
x-frame-options
ALLOW-FROM storeadmin.hmv.com hmv-live-admin-app-holding.azurewebsites.net
content-type
image/x-icon
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
7406
x-ua-compatible
IE=Edge

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| gtag object| dataLayer object| appInsights function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _toPropertyKey function| _toPrimitive function| defineQueueFair object| queueFair function| QueueFair object| Modernizr object| Trustpilot object| AI object| Microsoft function| __extends function| _endsWith object| fathom object| webpackChunkxxx_xxxxxx object| lazySizesConfig object| lazySizes object| google_tag_manager object| google_tag_data object| __core-js_shared__ object| core string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: f00835fb-c25e-451e-9c52-cf4d28edeee2
hmv.com/ Name: ASP.NET_SessionId
Value: aqpjunaahz4qwmuze5btzmh4
hmv.com/ Name: __RequestVerificationToken
Value: 137YGcUtlezlrW-qX5uTeaYQfaY17fDFWLq9DSWuAglZlGUQFGZNmpQmpq04J5WWS59207ObA7kQFk-P_vsM73op6F7XE1Q-NJvILvfcZCA1
.hmv.com/ Name: ARRAffinity
Value: 4e55ee305a83398958a97d0a5e2ae693a71dd10181585e8852fb53357b281637
.hmv.com/ Name: ARRAffinitySameSite
Value: 4e55ee305a83398958a97d0a5e2ae693a71dd10181585e8852fb53357b281637
hmv.com/ Name: ai_user
Value: 7TUig|2024-06-17T07:08:40.316Z
hmv.com/ Name: ai_session
Value: u6E9H|1718608120920.6|1718608120920.6

5 Console Messages

Source Level URL
Text
network error URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Message:
The resource https://hmv.com/assets/fonts/source-sans-pro-semibold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Message:
The resource https://hmv.com/assets/fonts/source-sans-pro-regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Message:
The resource https://hmv.com/assets/fonts/source-sans-pro-bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://hmv.com/store/prize-draws/ghost-prize-draw
Message:
The resource https://hmv.com/assets/fonts/source-sans-pro-italic.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
az416426.vo.msecnd.net
cdn.hmv.com
cdn.usefathom.com
dc.services.visualstudio.com
files.queue-fair.net
hmv.com
ow.ly
pagead2.googlesyndication.com
region1.google-analytics.com
t.co
widget.trustpilot.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.130
172.217.18.2
20.50.88.238
20.93.230.245
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200e
34.117.175.203
52.205.82.181
52.222.236.107
52.222.236.71
93.184.221.165
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
441b1d5d78245e26202881c7fb7fdfd03aff3a8aa7c6bebe76808dafdb796f82
4485f361c24df8523aa5d62bc33ddd3e0b7aa13951edab205bb586c209c8daac
467329aef5f6b7c16840438013fa6944474db090b214f6fbf7ac56712cf163df
480360b7f856426b2179fdd3efa495e9171aed860c392ecc3290f6afc17df100
486489964662d237863f50ac2821bee62d9fbc02f3742f973a9a7d87c4c9457b
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5a32363d03364e89e04f3a1645eb552f8b0d3fef1cc23c95de2d3d5e1342ec6d
605f245846ca8231389e8ce0e1a6257c1c025686859b83547bf1d6c81d4e1cca
6bc0902862663dbd0f4d2e6b5d7881c5bc3777de78f863c9a0a48af2f4e363cd
6d77ee5f80b89b41c0ef105a197cb87416ed4adc59803b9e44c716e1a10f8736
82106421e4278c39d8b82c38aac06ba3d267b8b6c511ecdd96a48831da291613
823a960dc0428965c0eda9b96175a84b09b29adbe9da4386284bab1d9c974a1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a4d1a39d169f2063022ab44c8143d22f4bde5ca0a8a36f6a16ba20f3ee5a86
93279ed9667f1cca4e98f3f630e7977089f89008ad0554e0621638991ab2f62f
9e61bebec43f973ea1d1d7ff7baae946d41c9683b080b7e4731c9c806ef1e159
a231667100f18bdb1dfe8856970a8f2b63219926d9e691eb58264beadb7a54ad
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acf76b7b32e6ec403091cc5517ee0e58b4a733ebc373f742b0c13194ab3ef1a4
ad018dd39d5c3b0205546bdb43ff90b137dc8bbb9ac46a9d01948fc50a25fa05
b305207df2e12c52a040829b6c5a0945b8841cb041a0b0cb77103c9829e2d67c
ba505fa77f8fd28a44c3a5c369623970424f160a3e488ce9a1cfd7753d329e63
c22cade020dd5d406bc745f1c271899a119e79921a1ddebce46df1815782c3a6
c543195cfebd48653126419cb0b199d2459014e180d7c80eb039e5abd29cc98a
cced8320953eaa0488c6151cdac14ba323f4e053fafcfe50c985d36a289e55be
cf98de9e1788f42e174807602278525a8c4581ad8abc81fb71458686d0b50ae8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df809cda70131154400f16c3ded25d94fbebda5b0f8f93bd16bacc2443eef04b
e1a0e45c555b7e55fae7b8d7df643c261c7892bd720693cd5200267139726529
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f27843e8ffea8dd9f3cd4af41546becac6dffda2d039680345249d4b5d7f85ad
f3e3c9c6f984232ce4b14be3e2773c274bb9cce5bba1d1197cca5a147dfa4b59
f74abf840bd300b0887f9d1ef2b9386e0ec38efe1092510f172bf07f6e7d1e30
ff6d21d7d3164aabc1b1aa08ddd372628d722d21f5e02e25c299fb80031dee3d