promos.finning.com Open in urlscan Pro
34.205.248.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promos.finning.com/2023loyalty/
Submission: On February 23 via manual (February 23rd 2023, 12:48:30 am UTC) from US — Scanned from CA

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 26 domains to perform 77 HTTP transactions. The main IP is 34.205.248.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is promos.finning.com.
TLS certificate: Issued by R3 on February 17th 2023. Valid for: 3 months.

This is the only time promos.finning.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.205.248.193 34.205.248.193	14618 (AMAZON-AES) (AMAZON-AES)
2	18.238.4.129 18.238.4.129	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:25c... 2600:9000:25c8:9e00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
3	2600:1400:d:5... 2600:1400:d:5a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.224.214.46 13.224.214.46	16509 (AMAZON-02) (AMAZON-02)
1	18.238.4.89 18.238.4.89	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	13.224.208.206 13.224.208.206	16509 (AMAZON-02) (AMAZON-02)
2	52.219.194.74 52.219.194.74	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	35.174.181.225 35.174.181.225	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:25c... 2600:9000:25c8:f800:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.238.4.10 18.238.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	13.224.214.105 13.224.214.105	16509 (AMAZON-02) (AMAZON-02)
1	52.201.126.247 52.201.126.247	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.210.217.65 44.210.217.65	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
1	63.140.38.128 63.140.38.128	14618 (AMAZON-AES) (AMAZON-AES)
1	54.164.38.118 54.164.38.118	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
1	52.214.4.138 52.214.4.138	16509 (AMAZON-02) (AMAZON-02)
77	32

2 34.205.248.193 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-248-193.compute-1.amazonaws.com

promos.finning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-129.phl51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25c8:9e00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1400:d:5a5::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.214.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-46.phl50.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-89.phl51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.224.208.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-206.phl50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.194.74 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

universtd.s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.181.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-225.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:25c8:f800:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

316283.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-10.phl51.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-105.phl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.126.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-126-247.compute-1.amazonaws.com

finning.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.217.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-217-65.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.128 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-128.data.adobedc.net

finninginternationalinc.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.38.118 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-38-118.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.4.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-4-138.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	3 MB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 25065	82 KB
6	tctm.co 316283.tctm.co	16 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 8356	669 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 315 www.google.com — Cisco Umbrella Rank: 2	809 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 199 finning.demdex.net	5 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	60 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 628 script.hotjar.com — Cisco Umbrella Rank: 767 in.hotjar.com — Cisco Umbrella Rank: 1676	72 KB
3	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 8338 js.callrail.com — Cisco Umbrella Rank: 9991	37 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	63 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	194 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	216 B
2	amazonaws.com universtd.s3-us-west-1.amazonaws.com	61 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18261	36 KB
2	finning.com 1 redirects promos.finning.com	13 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 16120	472 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 163	415 B
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24559	245 B
1	omtrdc.net finninginternationalinc.sc.omtrdc.net	344 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029	517 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
77	26

	Domain	Requested by
15	d9hhrg4mnvzow.cloudfront.net	promos.finning.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	316283.tctm.co	assets.adobedtm.com 316283.tctm.co
3	www.google.ca	promos.finning.com
3	bat.bing.com	promos.finning.com bat.bing.com
3	www.google-analytics.com	promos.finning.com www.google-analytics.com
3	assets.adobedtm.com	promos.finning.com assets.adobedtm.com
3	www.googletagmanager.com	promos.finning.com www.googletagmanager.com
2	www.google.com	promos.finning.com
2	www.facebook.com	promos.finning.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	dpm.demdex.net	assets.adobedtm.com promos.finning.com
2	js.callrail.com	cdn.callrail.com
2	universtd.s3-us-west-1.amazonaws.com	promos.finning.com
2	connect.facebook.net	promos.finning.com connect.facebook.net
2	d34qb8suadcc4g.cloudfront.net	promos.finning.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	promos.finning.com
2	promos.finning.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	www.google.fr	promos.finning.com
1	www.googleadservices.com	1 redirects
1	events.ub-analytics.com	promos.finning.com
1	finninginternationalinc.sc.omtrdc.net	promos.finning.com
1	analytics.google.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	finning.demdex.net	assets.adobedtm.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	promos.finning.com
1	cdn.callrail.com	promos.finning.com
1	code.jquery.com	promos.finning.com
1	fonts.googleapis.com	promos.finning.com
77	34

This site contains no links.

Subject Issuer	Validity	Valid
promos.finning.com R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
swappy.callrail.com Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-12-02` - `2023-03-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.tctm.co Amazon	`2022-09-08` - `2023-10-06`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-02-22` - `2023-05-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://promos.finning.com/2023loyalty/
Frame ID: 518AEA1DCE4AC5482BEF2964CD3CEB38
Requests: 75 HTTP requests in this frame

Frame: https://finning.demdex.net/dest5.html?d_nsid=0
Frame ID: E2D216704066839C7F8C779CD0D01A50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://promos.finning.com/2023loyalty HTTP 301
https://promos.finning.com/2023loyalty/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

96 %
HTTPS

55 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

3467 kB
Transfer

4898 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://promos.finning.com/2023loyalty HTTP 301
https://promos.finning.com/2023loyalty/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=63635397242920171992833643195156945610 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-a32AAAAKhucAN2

Request Chain 69

https://www.googleadservices.com/pagead/conversion/859769411/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD&ct_eid=2 HTTP 302
https://www.google.fr/pagead/attribution/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
promos.finning.com/2023loyalty/
Redirect Chain

https://promos.finning.com/2023loyalty
https://promos.finning.com/2023loyalty/

57 KB
13 KB

28ms
28ms

Document
text/html

34.205.248.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://promos.finning.com/2023loyalty/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.205.248.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-248-193.compute-1.amazonaws.com
Software: /
Resource Hash: 9fdc55e3a7d2978614198b0d2b5b61bf46d8e5c0885f93c19a479a8aa74b1c53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-length: 12190
content-location: https://promos.finning.com/2023loyalty/
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 00:48:23 GMT
etag: "q:9c99ff02b8e543019173520ad75a47fa"
link: <https://promos.finning.com/2023loyalty/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 3483a1fc-a422-4199-884e-a471baeda073
x-unbounce-variant: q
x-unbounce-visitorid: 9c99ff02-b8e5-4301-9173-520ad75a47fa

Redirect headers

content-length: 0
date: Thu, 23 Feb 2023 00:48:23 GMT
location: /2023loyalty/
x-proxy-backend: page-server

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 273ms
91ms Stylesheet
text/css 18.238.4.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-129.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 22:03:46 GMT
content-encoding: gzip
via: 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-version-id: _pPW.aj0rRvKjmQKE6Xodu91My8OK0.y
last-modified: Wed, 25 Jan 2023 21:57:41 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 2429078
etag: "331b67168b7dc01e35aa5073125bd928"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: sMhbY2UMrBI-iUBmfHtH86WqOEqnUZEsEdoO7q4_JliGGOVlva-G_w==

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 87ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;900&display=swap

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f35c0ae7363d59bade0127ac9bf9bdc6592c293d370bac50513933d569801c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 00:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 00:48:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 00:48:23 GMT

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 298ms
96ms Script
application/javascript 2600:9000:25c8:9e00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990112
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:9e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:20:53 GMT
content-encoding: gzip
via: 1.1 34db9bd11ebdbcc746e357ed5d665244.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 2435252
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: ldX7Qnv8wCeHru_D1HhouwnVYUQUrNp1mVyLH9XE-Jjje9ZOPRR4lQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 127ms
68ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-859769411

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

899be1363041e030aae9093aad872a4b48260a2968aae6c1e662a547dcd5d9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64808
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 00:48:24 GMT

GET
H2 200 launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js Show response
assets.adobedtm.com/6771b242b346/cd244dbd9c89/ 178 KB
49 KB 87ms
25ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 87e021a79f45a8638424414a0db6fd238dd31633c04b4edc8b9c62aeba266ba8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
last-modified: Sat, 19 Nov 2022 01:16:32 GMT
server: AkamaiNetStorage
etag: "c384680f104efa32099c916279b019d6:1668820592.931005"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://promos.finning.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 49918
expires: Thu, 23 Feb 2023 01:48:24 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 94ms
27ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://promos.finning.com/
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15283"
vary: Accept-Encoding
x-hw: 1677113303.dop048.dc2.t,1677113303.cds045.dc2.hn,1677113303.cds218.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 main.bundle-dd3afeb.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 121ms
115ms Script
application/javascript 18.238.4.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-dd3afeb.z.js
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-129.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd3afeb2f3897a9d12fc3c3fcaef3f1f6f20b017ed10a02a74142a6a853674bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 17:31:52 GMT
content-encoding: gzip
via: 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-version-id: OJCsvnXaeUjQoZawo3Z3P3T3iQNXm6gR
last-modified: Mon, 30 Jan 2023 23:05:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 1926993
etag: "9f98babc326b534fcf51ae9fd8784b17"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33470
x-amz-cf-id: t04tfWjCCGgn-gn6tKJ95gsGpMe-wz1UY8jxoCxRgFdflP_Aaxv3qg==

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/390737907/b067edd811eee7ad4f3d/12/ 35 KB
36 KB 295ms
113ms Script
text/javascript 13.224.214.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/390737907/b067edd811eee7ad4f3d/12/swap.js
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-46.phl50.r.cloudfront.net
Software: /
Resource Hash: f4f1bafbbb0d73f07fedf26f3ed3e28013f57517ef3f1743e006c7ce31fc8c19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 0.012098
date: Thu, 23 Feb 2023 00:48:23 GMT
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"f4f1bafbbb0d73f07fedf26f3ed3e280"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: V3R8pizFoch7bkNgBE3zNxMk2YK2UgjxvQ8xI_F2Gg426JP-_5CNWg==
x-request-id: dce00be0-ccba-4e79-9f2c-58acbc931bac

GET
H2 200 hotjar-162446.js Show response
static.hotjar.com/c/ 9 KB
4 KB 301ms
98ms Script
application/javascript 18.238.4.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-162446.js?sv=6

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-89.phl51.r.cloudfront.net

Software

Resource Hash

af1e62d30f7108633a5703342644e15dab1bd2aef9fcc5793e077b6508dfbcc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 00:48:24 GMT
via: 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/e1c46fd438d9dc5340a1356e1612fe37
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: SmAj_sprPH4fWMwVVDirN6LxUCQC-K5Pfesrx3qDTbfB5oi8Ysm28A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
19ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 00:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 23 Feb 2023 02:41:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 77ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 00:48:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aHhVsi9yqx0AunCs12d099s5OqSZxNAtcUjm4jRabInVTqkXmQDuTAN9QTVzo5R+nT3OUocfwR/xUEiTLeL0yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 70ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 23 Feb 2023 00:48:23 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E16545967714EFFB2977ACB140D7419 Ref B: YMQ01EDGE0316 Ref C: 2023-02-23T00:48:23Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
50 KB 97ms
41ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57F3

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab5f47911cde3acb3062d96a1bdae3a224d8bb58c6206eeab5d018865d33ef52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50905
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 00:48:24 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 21840ca9-14may-crc-160.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 2 MB
2 MB 389ms
197ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/21840ca9-14may-crc-160.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc44b295ded16f5200a741ea3d95a04deec53ffae4274b764dc6a9397ee47ad6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: R11WAezPB2alqxawVp3dshi0VNaEWhtf
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "3025117ae64ead91fd60e4df311db1bb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1637324
x-amz-cf-id: BSVuh7i-fvhgnk3IYqT2QXLw4ukTmaSQutqh-rZe0EwzY31kF36riw==

GET
H/1.1 200
OK UniversLTStd-Light.otf
universtd.s3-us-west-1.amazonaws.com/ 32 KB
33 KB 301ms
118ms Font
binary/octet-stream 52.219.194.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universtd.s3-us-west-1.amazonaws.com/UniversLTStd-Light.otf
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.194.74 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a882a1d3c7979254081fd3f618c1f370ab6f35197a9f4e8101d739e48d7f68be

Request headers

Referer: https://promos.finning.com/
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 00:48:25 GMT
Last-Modified: Mon, 12 Apr 2021 21:39:48 GMT
Server: AmazonS3
x-amz-request-id: MBS0F5TT0E557JTA
ETag: "e93576bbe6e7599d042e2cae1bdba8c4"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD, DELETE, PUT, POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://promos.finning.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 32832
x-amz-id-2: tqlxFtfg9ax7qciewIj6oYxYTw2QftM+s1JiWsbBRPYhgEfagtofNe7DkeRwByC6eYndRkAs/iM=

GET
H/1.1 200
OK UniversLTStd-BoldCn.otf
universtd.s3-us-west-1.amazonaws.com/ 27 KB
28 KB 291ms
113ms Font
binary/octet-stream 52.219.194.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universtd.s3-us-west-1.amazonaws.com/UniversLTStd-BoldCn.otf
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.194.74 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 653f377e9136bd4cf7d37ded54e83e7ba0d79a8cb32b3371dec2cfba03394f92

Request headers

Referer: https://promos.finning.com/
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 00:48:25 GMT
Last-Modified: Mon, 12 Apr 2021 21:39:45 GMT
Server: AmazonS3
x-amz-request-id: MBS1RAKM7KHS15XB
ETag: "8de29731a2a1099f808c727450f5dd10"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD, DELETE, PUT, POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://promos.finning.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 28012
x-amz-id-2: ENlsqh98yGRdrPFtbCScW1XpFnUtj0g52PJXG2VXrJ8+78D6wCLsSTj5gtPHeP6CcotpcYfemgA=

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 77ms
19ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:47:29 GMT
x-content-type-options: nosniff
age: 525655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:47:29 GMT

GET
H2 200 21840ca9-14may-crc-160_11hc0z9000000000000000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 904 KB
906 KB 487ms
382ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/21840ca9-14may-crc-160_11hc0z9000000000000000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16b2382933146786f8a8da10d79d43c879155d406fc1ffbdb3340ecf2decc566

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: YGn.whU3sRtcN.CRjvHkEvjE3a9MfUZL
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "c9632646eaec9df38daccb873862009d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 926139
x-amz-cf-id: SP4du6wZKNvppfDZYVy_prAZk_HRpdSTEgHHP2T5bkP87VgJX1l2eA==

POST
H2 200 swap_session.json Show response
js.callrail.com/group/0/b067edd811eee7ad4f3d/12/ 142 B
642 B 382ms
185ms XHR
application/json 13.224.214.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.callrail.com/group/0/b067edd811eee7ad4f3d/12/swap_session.json
Requested by: Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/390737907/b067edd811eee7ad4f3d/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-46.phl50.r.cloudfront.net
Software: /
Resource Hash: 8b660dadd99f363ac663e00bf5247da8d8107661583e60afc312b40c2e1028c8

Request headers

Accept: application/json
Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

x-runtime: 0.089869
date: Thu, 23 Feb 2023 00:48:24 GMT
via: 1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"8b660dadd99f363ac663e00bf5247da8"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin
x-amz-cf-id: 7_KQgKUTO5QUja1QluwZQJMicwq-9YLPLVwsW8oYTKY-iJMbRqRa6A==
x-request-id: 3e7c06d4-c5c6-4724-96bd-cbe587155353

GET
H2 204 5489151.js Show response
bat.bing.com/p/action/ 0
119 B 65ms
63ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5489151.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 23 Feb 2023 00:48:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76DB9C6A1A994146945FF19C626CC8BE Ref B: YMQ01EDGE0316 Ref C: 2023-02-23T00:48:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 40ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5489151&Ver=2&mid=bb329d05-3f4f-4570-9a33-cd30fdbf4d0b&sid=c6ed6290b31311edb5df9755bb06a08c&vid=c6ed9af0b31311edb5637d4aa48ad65c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&r=&lt=652&evt=pageLoad&sv=1&rn=430380

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Feb 2023 00:48:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E084E11297604F549DB3FD1CB42BF375 Ref B: YMQ01EDGE0316 Ref C: 2023-02-23T00:48:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 786321061548708 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/786321061548708?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

379e5aefc15fc90190b931cc76df213deef292e4fbf73d126cdc721d9e63ca9c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 00:48:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8JcjjqRdxxSmgy3q+O/jbfe5GqtkobKG5TEtkQhoHY2Rg10zdfwwMHS2c/8FSDQLsGyxy5nupQvukmvIUDhj0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 366 B
1 KB 148ms
36ms XHR
application/json 35.174.181.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B95C9D73578665E37F000101%40AdobeOrg&d_nsid=0&ts=1677113304219

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.181.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-181-225.compute-1.amazonaws.com

Software

Resource Hash

cd4d73e97c5099aa20464c6d1fdfaac697d3235bd533425d9209f1bb70c45863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v045-0819368d5.edge-va6.demdex.com 11 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: P6U4jz+cSDs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://promos.finning.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/ 36 KB
13 KB 36ms
19ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 18:34:43 GMT
server: AkamaiNetStorage
etag: "d6e076e7d6ae0d567c0f611bee8f9855:1573670083.361234"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://promos.finning.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13335
expires: Thu, 23 Feb 2023 01:48:24 GMT

GET
H2 200 t.js Show response
316283.tctm.co/ 46 KB
15 KB 435ms
180ms Script
application/x-javascript 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/t.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 08c671d7e3a37ad2fcec3469e5504637f24b704d4bf141d3be0492049bdd60e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
via: 1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 00:48:24 GMT
server: ctm
x-amz-cf-pop: PHL51-P1
etag: W/63f6b7d80004d37bf14403b4-316283
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: ptJq4LY1zVudy4dUN8NCsb_6cGholZT0X1CI7eWKg5cie6WNhDufSQ==

GET
BLOB 200
OK d4daada4-289a-41f9-8ea1-6df37acaf870
https://promos.finning.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promos.finning.com/d4daada4-289a-41f9-8ea1-6df37acaf870
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-dd3afeb.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 41ms
39ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=536928639&t=pageview&_s=1&dl=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&dp=%2F2023loyalty%2Fq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=389644194&gjid=1658039943&cid=1612050466.1677113304&tid=UA-96096943-1&_gid=2144316760.1677113304&_r=1&_slc=1&z=1094195390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promos.finning.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.ub-assets.com/ 11 KB
1 KB 379ms
133ms Stylesheet
text/css 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-dd3afeb.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

23cdcef626a4110ef75161ec6d0af550a363782a01c995a9a5888149d46cc419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-amzn-requestid: ee716707-a172-4824-8d43-0fc3ea3f47bd
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: AxGp5HUFIAMFw0w=
content-length: 800
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-63f6b7d8-38a01e4f7dc9dad03adbbdfd
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: p6lCOL-XzUIaGUV9II_21NF9Gyv8-NynwPX2EET_4g4Wej34BuCxzw==

GET
H2 200 tbpgji-export-finningcatlogo_105201a000000000000000.png
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 4 KB
5 KB 485ms
468ms Image
image/png 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/tbpgji-export-finningcatlogo_105201a000000000000000.png
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86a7da696e866ec3f2ff34c1eb7805e6fe5882987bccff0baa68fa87491e3bbb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: 9C9xIO0hg5A5P1F3C___0JPJmgdb4Vzy
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "0b7094c7c1a440104114aaf308868576"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4438
x-amz-cf-id: AcYvfOFdI-g81eGGtIBhYpCNZwdK0M1AFyCZqCZUod6415Fm0wjYjg==

GET
H2 200 9fd30de5-frame.svg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 1 KB
940 B 485ms
457ms Image
image/svg+xml 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/9fd30de5-frame.svg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8cb74ee3a491198eb13761b8510a231a3e631c9e2eb2b756f059b6be85c7aec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: ..NAxehABYc3SKf.zhta0NiN6cACQrEU
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"157c5f671b492d10551d4fe29184bc00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: b2GuZYsIGJFcCvgTqk1Y8u7wFDcz-gPCLwFkOHlhTI6vFeCBSKp0ww==

GET
H2 200 3rtyav-export-letsdothework_105800z000000000000000.png
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 4 KB
4 KB 486ms
457ms Image
image/png 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/3rtyav-export-letsdothework_105800z000000000000000.png
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57f66f004c6c7c9be2efb010e424cad2c8659c97f36b7e09f4c772939808495b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: OWBlx75vwP4sPSQVMfI2MbsKTzu4QUVS
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "fed7b28df899687a4c2ea70821cccc8f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3828
x-amz-cf-id: vYfrewLpRO7L85vt1KYnUP6IQi-tIaa4RbqHt24c7m5zg0jdGDjt3Q==

GET
H2 200 66a2933c-lf-1_103x03x03s03r002003000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 4 KB
5 KB 482ms
457ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/66a2933c-lf-1_103x03x03s03r002003000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8b46ca720b1e960cf2436629821b7d2c40e0a8df4c5ad6e72991871268afd8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: H7qX0aUVnnyD8RQdn7ybzIkJNuWTGS.P
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "ba26080113c725d4ed693d5352521ad8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4528
x-amz-cf-id: tk7Xs21qS3Chg1SIRpd5jUtoLsg5fxsG8FFuR_RK2lEKgNlwpcMUiA==

GET
H2 200 7cbe3ed4-lf_104r04r04904900a00a000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 6 KB
6 KB 480ms
455ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/7cbe3ed4-lf_104r04r04904900a00a000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8597d39c4a5a19d352385d940a3794263b7935c2011de6b53881a84b5c1dae81

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: .zWsVa5.84kTPBVWS2jolPxcOwUAGJxN
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "bb451c7c0262606dca4e4370488ac3e0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 5787
x-amz-cf-id: I5EguZA28vk8bCMS_ikIbecqp4cGVNgJ0TvOP4SrZK9cT1DkS9qhTw==

GET
H2 200 5851bba6-lf-3_104i04i04902n00000w000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 6 KB
6 KB 483ms
458ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/5851bba6-lf-3_104i04i04902n00000w000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d2bde06a172a85f41a30e24ed2744365659b004aed51b3db59f041aa18a5b7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: W1NkYQiXQ1jLqmiYxwUrQJZht8jAtxkl
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "43c71d42e67ea95a534c73b0d4020756"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 5975
x-amz-cf-id: Z0jUAdNpNYFGC33leiWayU97-fwbkgZbWVqgJ4P53hH_xu2Coma0fA==

GET
H2 200 07a187a4-ccl_104g03n000000000000000.PNG
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 35 KB
35 KB 483ms
459ms Image
image/png 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/07a187a4-ccl_104g03n000000000000000.PNG
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61ea918e780107b059037653e05167e668b758647bd80b578948ab1e6f148e91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: XFfpw.jPMo_1_KUHaNdHfF27KNGz1eOZ
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "a805c7fa17f3dd00d6c04c2d91286e13"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35587
x-amz-cf-id: 03nQs1sWh92_HDz1In293PNxyHLd_5VQim1KAQkseUbki_0CfndJhQ==

GET
H2 200 a85975c9-lf-2_104r04q04b02p00800z000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 4 KB
5 KB 481ms
458ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/a85975c9-lf-2_104r04q04b02p00800z000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91e3a70961c13dc4e6627e9da6fd22ed6658f8544719fb52c4ab763b17727e97

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: _xGBZ2FrkVm61p.KIlOP_KHyvF3w5iAO
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "69ed21352c97df316260b283c7b0e492"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4316
x-amz-cf-id: Mz1rhCIfp22ZnydJRidc11QpH1V0iKPZxonb8VgxHDh-Iy4enHfyJg==

GET
H2 200 8d66334f-lf-6_103v03u000000000000000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 5 KB
5 KB 482ms
459ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/8d66334f-lf-6_103v03u000000000000000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b2411b31ab8b10ee9b7c373a9db8e73382403418c803b2c7776d4f667d4a4b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: rWtSbkFdjL6x6r6rlcczKfRm2EuV45Bq
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "89c5747600137c7062ccef613d7e2220"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4757
x-amz-cf-id: j7Y7mGsLZEUL_55CguVgT_4vHie_yesgJmP53PH35R3RguIPJc7ACg==

GET
H2 200 c5035ca2-lf-4_104804701t047018000000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 3 KB
3 KB 481ms
458ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/c5035ca2-lf-4_104804701t047018000000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7f3aab0b624e496a3965c9993d1b6d237b6acf433ba76f92e546308237dcff3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: IvBTLt_utsTrnFEJ2.xFa5Bd4_m7yBkS
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "89f985dad013de3a9ad7e5aa6a121e7b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2667
x-amz-cf-id: YMYI7zvf2TjP15OOY5d04Kz5jlkEBab8NXxdAAsBb8hhViax4x-FMw==

GET
H2 200 60a86f7f-lf-5_102k02j023022009009000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 3 KB
4 KB 482ms
460ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/60a86f7f-lf-5_102k02j023022009009000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 632ff0d394ae484b3de48d3a1ed4dbadd6bba40e71c51ed0490d60ad3995e2aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: tm.gpSlciLeHdHrNJGfc_KDcBsiNRDAN
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "7b4cf9c9a8b7b9e69e7837592c46177d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3360
x-amz-cf-id: yeWc1oUmbL0KUBK2pHbUhsmITMPtM-TaBd2wIua_hyto07eHKzsMnQ==

GET
H2 200 e2891bd9-lf-7_102b02b021020005005000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 1 KB
2 KB 481ms
460ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/e2891bd9-lf-7_102b02b021020005005000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 763bf40be004a951eab1140e4ce30c0c64cd8528d68cc8522270a71d6fd33c17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: D7AK_zG8rGko4_kCLb5tYO3_rrPu1NAB
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "6d326b3d226851eed3672ac3439eb143"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1298
x-amz-cf-id: zjhAMC9U0OToeA2lot6BKrHn1heJsv4arx3yO2f25UqZN64KCqDfqw==

GET
H2 200 24476fa6-lf-9_104004003903900e00e000.jpg
d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/ 3 KB
3 KB 481ms
460ms Image
image/jpeg 13.224.208.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promos.finning.com/2023loyalty/24476fa6-lf-9_104004003903900e00e000.jpg
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.208.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-208-206.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c70aef3a650e1bccdec68e33793ecffb11849499f836d4e3802c754065778619

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
x-amz-version-id: 17kfLM8eXrMoygwWlnqftUiWZLhTeFZt
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 19:54:50 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "74cb218638d4cfe4fdb317dfb88c7ca3"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2640
x-amz-cf-id: Oc57vwFB_61huqWNdUFi9N7L1kav6-8npytKyAIaKlQ2DW61MUQ5zA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
81 KB 37ms
36ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJ5V8LKHLE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859769411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f30b418e58030f74e5a2d93edef04990085676f6587e3757f56ea7bb6f389ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Feb 2023 00:48:24 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859769411/ 2 KB
1 KB 179ms
98ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859769411/?random=1677113304315&cv=11&fst=1677113304315&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&auid=874394955.1677113304&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859769411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78e82624a1ab30830deb0ac3cf1b65f868b215f0966987ca46f468eda1543228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 101ms
24ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859769411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Feb 2023 01:48:02 GMT

GET
H2 200 RCfedfb266a3b1497b8452768daa34b133-source.min.js Show response
assets.adobedtm.com/6771b242b346/cd244dbd9c89/255fc7604d83/ 1 KB
839 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/255fc7604d83/RCfedfb266a3b1497b8452768daa34b133-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0c901778d1d498d64b73dd654d28572618908a3f3112df67a00b284bb7b1b61e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
last-modified: Sat, 19 Nov 2022 01:16:33 GMT
server: AkamaiNetStorage
etag: "48f25eb8eabf53fb5b8b5caef43f7709:1668820593.603619"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://promos.finning.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 571
expires: Thu, 23 Feb 2023 01:48:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 100ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-96096943-1&cid=1612050466.1677113304&jid=389644194&gjid=1658039943&_gid=2144316760.1677113304&_u=KEBAAEAAAAAAACAAI~&z=77226211

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promos.finning.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 131ms
129ms Script
application/javascript 2600:9000:25c8:9e00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:9e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:20:53 GMT
content-encoding: gzip
via: 1.1 34db9bd11ebdbcc746e357ed5d665244.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 2435252
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: U5f8_r9k7zklLb3GBUHuBaKhi8aLgH2mX6D-hPgATtFVOd69ZAt3hA==

GET
H2 200 modules.7cafb00353603cadd6c4.js Show response
script.hotjar.com/ 263 KB
67 KB 274ms
89ms Script
application/javascript 13.224.214.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7cafb00353603cadd6c4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-162446.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-105.phl50.r.cloudfront.net

Software

Resource Hash

253bfa7c968b5859efe9fd412e9aec2177575574e639e88eee4ba599bea06be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 31998
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68446
last-modified: Wed, 22 Feb 2023 15:54:32 GMT
etag: "75f1519020fb26b2d79428053cef7ce8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2YfAoDboMGyrlpKh_MWwfqfX9k8aS9AJZKODmNTg3lJgkRl7DvEqpw==

GET
H/1.1 200
OK dest5.html Show response
finning.demdex.net/ Frame E2D2 7 KB
3 KB 117ms
24ms Document
text/html 52.201.126.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://finning.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6771b242b346/cd244dbd9c89/launch-EN9846311dea6e4c8c86e0d1de54de9ecc.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.126.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-126-247.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.finning.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v045-0f2997797.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qggF0fm+TOI=
content-encoding: gzip
date: Thu, 23 Feb 2023 00:48:24 GMT
last-modified: Fri, 10 Feb 2023 12:29:50 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y-a32AAAAKhucAN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=63635397242920171992833643195156945610
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-a32AAAAKhucAN2

42 B
940 B

27ms
27ms

Image
image/gif

35.174.181.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-a32AAAAKhucAN2

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

HTTP/1.1

Server

35.174.181.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-181-225.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v045-0bd565926.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: owYPrzTIQRI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-a32AAAAKhucAN2
Date: Thu, 23 Feb 2023 00:48:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=786321061548708&ev=PageView&dl=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&rl=&if=false&ts=1677113304446&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677113304444.805994987&it=1677113304184&coo=false&rqm=GET

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 00:48:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 91ms
36ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TJ5V8LKHLE&gtm=45je32f0&_p=536928639&_gaz=1&cid=1612050466.1677113304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677113304&sct=1&seg=0&dl=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ5V8LKHLE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promos.finning.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 35ms
32ms Ping
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJ5V8LKHLE&cid=1612050466.1677113304&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ5V8LKHLE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promos.finning.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 107ms
58ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJ5V8LKHLE&cid=1612050466.1677113304&gtm=45je32f0&aip=1&z=1567905522

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 104ms
46ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-96096943-1&cid=1612050466.1677113304&jid=389644194&_u=KEBAAEAAAAAAACAAI~&z=1827434772

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 80ms
37ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-96096943-1&cid=1612050466.1677113304&jid=389644194&_u=KEBAAEAAAAAAACAAI~&z=1827434772

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icap.js Show response
js.callrail.com/group/0/b067edd811eee7ad4f3d/12/ 22 B
379 B 116ms
113ms Script
text/javascript 13.224.214.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.callrail.com/group/0/b067edd811eee7ad4f3d/12/icap.js?t=1677113304601&GoogleAnalytics__ga=GA1.1.1612050466.1677113304&Facebook__fbp=fb.1.1677113304444.805994987&Custom_AMCV_B95C9D73578665E37F000101%2540AdobeOrg=-432600572%7CMCIDTS%7C19412%7CMCMID%7C64072756188370301672880049670502380530%7CMCAAMLH-1677718104%7C7%7CMCAAMB-1677718104%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1677120504s%7CNONE%7CvVersion%7C4.5.2&ga=GA1.1.1612050466.1677113304&uuid=0cf14ff2-203f-4d34-8edc-e4b4e00552b2&ids%5B%5D=390737907
Requested by: Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/390737907/b067edd811eee7ad4f3d/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-46.phl50.r.cloudfront.net
Software: /
Resource Hash: 1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 0.024744
date: Thu, 23 Feb 2023 00:48:24 GMT
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"1643b5cec44cc597bc2cce3448ce5434"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: T7rNS9TUnMK3uuq-pmMZy9nu9mC586oDfd1ALQdwNQcGUteWxt9KCw==
x-request-id: 17553c5d-c1b8-4e9c-98bd-a4069eab6cf7

GET
H2 200 s83329630976046
finninginternationalinc.sc.omtrdc.net/b/ss/finningallsitesprod/1/JS-2.17.0-LCXS/ 43 B
344 B 103ms
29ms Image
image/gif 63.140.38.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finninginternationalinc.sc.omtrdc.net/b/ss/finningallsitesprod/1/JS-2.17.0-LCXS/s83329630976046?AQB=1&ndh=1&pf=1&t=23%2F1%2F2023%200%3A48%3A24%204%200&mid=64072756188370301672880049670502380530&aamlh=7&ce=UTF-8&ns=finning&g=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&cc=CAD&server=promos.finning.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c4=promos.finning.com&v4=promos.finning.com&c5=external&v5=external&c6=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&v6=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&c14=logged%20out&v22=promos.finning.com1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B95C9D73578665E37F000101%40AdobeOrg&AQE=1

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-128.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Feb 2023 00:48:24 GMT
server: jag
etag: 3601573396719108096-4619349294051290569
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22 Feb 2023 00:48:24 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:48:03 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/859769411/ 42 B
154 B 40ms
38ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859769411/?random=1677113304315&cv=11&fst=1677110400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3479048721&rmt_tld=0&ipr=y

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/859769411/ 42 B
154 B 44ms
41ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/859769411/?random=1677113304315&cv=11&fst=1677110400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3479048721&rmt_tld=1&ipr=y

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 00:48:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.ub-assets.com/fonts/s/robotocondensed/v25/ 15 KB
16 KB 360ms
188ms Font
font/woff2 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 07:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15660
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 4295211
x-amzn-requestid: 6c1e490e-6611-45cb-8a4c-d098952562f6
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: eNQTEHsXIAMFRRQ=
content-length: 15683
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63b52dad-0f3a0b7412374baf06c1261c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Gk7N3tKCTXAfuuJv3XjzqtGXL3_fTwNH42Qb2GYrGuofRa4EvVWUhg==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 334ms
163ms Font
font/woff2 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15740
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 3511405
x-amzn-requestid: 2b05f09d-cb61-4d32-9b21-c37038e264e7
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: erJ43HimoAMFq7w=
content-length: 15763
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63c1236b-4a75fd2605bbff5744ca1ce0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JggUh4aRdYIcdbxUJWRESng2L0e4JoQhvZ-CEOd1MxQM5i89ByYSvA==

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.ub-assets.com/fonts/s/robotocondensed/v25/ 15 KB
16 KB 420ms
253ms Font
font/woff2 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15700
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1422042
x-amzn-requestid: c028c1e0-9861-4487-86d1-3941c1c5fd0c
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: f6233FONoAMF3eg=
content-length: 15723
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63e104fe-2ebf8c2818ebf740281939ff
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8FjCBTILE5pb2CF86pIVBafPRBQJirQg-PY9kxwhqDAHaqEplh5R8g==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 436ms
270ms Font
font/woff2 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 17:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 2185041
x-amzn-requestid: 5dbcc139-aa92-4f4d-9a95-d78e0cc04b73
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: fdwFNFekoAMFSKQ=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63d56087-483b923703f969964d190e9c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TQe_nu2CC0vJCMXyqVqGix8PRHx5bTKmNZ1WvZq2tmAW_Xkyv4_2yg==

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.ub-assets.com/fonts/s/robotocondensed/v25/ 15 KB
16 KB 444ms
282ms Font
font/woff2 18.238.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-10.phl51.r.cloudfront.net

Software

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto+Condensed:700,regular,300%7CRoboto:300,700
Origin: https://promos.finning.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 12:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15528
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 4362949
x-amzn-requestid: 60ab0a75-c636-4ee7-a87a-3d62e932475d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: eKq7BF6qoAMFh7Q=
content-length: 15551
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63b42513-15b4c3b66aa76f6214185d70
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lHMr7s3iQCi74dx-zn6lAEyNHTp3AV-IwfoeTlaFAojA5Gc2MEy8dg==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 87ms
24ms Image
image/gif 54.164.38.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1677113304698&e=pv&url=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=e2fe858b-7b83-4d8c-b6c3-9439a18dbbcf&dtm=1677113304680&vp=1600x1200&ds=1600x2197&vid=1&sid=7af33163-5115-46b7-92c6-ea413e631ab4&duid=075ebd0b-1177-4308-9bb9-802f6c4a84ac&uid=9c99ff02-b8e5-4301-9173-520ad75a47fa&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMzQ4M2ExZmMtYTQyMi00MTk5LTg4NGUtYTQ3MWJhZWRhMDczIiwidmFyaWFudElkIjoicSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.38.118 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-38-118.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 00:48:24 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.0.9
content-length: 43
content-type: image/gif

GET
H2 200 p.js Show response
316283.tctm.co/ 74 B
445 B 115ms
114ms Script
application/x-javascript 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/p.js?sid=63f6b7d80004d37bf14403b4&p=1326229.1.888.346.6464&
Requested by: Host: 316283.tctm.co
URL: https://316283.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 86d5e165c7f840154195eb0dc20ce53d8b7f3451c8a3d1f3d03b96d4ff617e9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
via: 1.1 0d7b07b36f46ce1652b97dbb50107674.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: Ytvo8SR301LQac0EaxwaTr7veHi3Xk9SENV3ZBlLy1udH6KXDsQuQQ==

GET
H2

200

wcm Show response
www.google.fr/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/859769411/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD&ct_eid=2
https://www.google.fr/pagead/attribution/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD

80 B
472 B

89ms
36ms

XHR
application/json

2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.fr/pagead/attribution/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Thu, 23 Feb 2023 00:48:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.fr/pagead/attribution/wcm?cc=ZZ&dn=18883460604&cl=y1WqCMXk8fcDEMOU_JkD
access-control-allow-origin: https://promos.finning.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/162446/ 148 B
323 B 356ms
139ms XHR
application/json 52.214.4.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/162446/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7cafb00353603cadd6c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 23 Feb 2023 00:48:25 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
18ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=786321061548708&ev=Microdata&dl=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&rl=&if=false&ts=1677113304957&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1677113304444.805994987&it=1677113304184&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: promos.finning.com
URL: https://promos.finning.com/2023loyalty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 00:48:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=536928639&t=timing&_s=2&dl=https%3A%2F%2Fpromos.finning.com%2F2023loyalty%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1692&pdt=2&dns=0&rrt=166&srt=27&tcp=0&dit=632&clt=632&_gst=490&_gbt=701&_u=KHBAAEABAAAAACAAI~&jid=&gjid=&cid=1612050466.1677113304&tid=UA-96096943-1&_gid=2144316760.1677113304&z=1142012760

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://promos.finning.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 15:06:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 201 x.json Show response
316283.tctm.co/ 0
373 B 108ms
107ms XHR
text/plain 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/x.json
Requested by: Host: 316283.tctm.co
URL: https://316283.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 23 Feb 2023 00:48:26 GMT
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: PHL51-P1
access-control-max-age: 2592000
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
x-amz-cf-id: IAQKuH3-7kmXmr4kFKRTaHCWF7hvPd7yghEVN-gUOyqifRfx0CqaLw==

POST
H2 201 x.json Show response
316283.tctm.co/ 0
372 B 127ms
127ms XHR
text/plain 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/x.json
Requested by: Host: 316283.tctm.co
URL: https://316283.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promos.finning.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 23 Feb 2023 00:48:26 GMT
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: PHL51-P1
access-control-max-age: 2592000
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
x-amz-cf-id: roOfHWSvQshN31MO_wM2r741EfAlPeygPLd3r12fHhjwIEKNE7JOkA==

OPTIONS
H2 201 x.json
316283.tctm.co/ Frame 0
0 243ms
85ms Preflight
text/plain 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/x.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://promos.finning.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
date: Thu, 23 Feb 2023 00:48:25 GMT
server: ctm
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-id: _ZcoBL9nz5ZQJ671-rncMO0D9aV9XEM6IsiET03XPUerTnhlR5OGkQ==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

OPTIONS
H2 201 x.json
316283.tctm.co/ Frame 0
0 259ms
102ms Preflight
text/plain 2600:9000:25c8:f800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://316283.tctm.co/x.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://promos.finning.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
date: Thu, 23 Feb 2023 00:48:25 GMT
server: ctm
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-id: gGUiQUfVCqSIq0UjhJq0cGISrTWJ-wxRKmJBZSYBYUZ8uHPDCHWw0g==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
promos.finning.com/2023loyalty/	1970-01-20 14:16:50	Name: ubpv Value: q%2C3483a1fc-a422-4199-884e-a471baeda073
promos.finning.com/	1970-01-20 14:11:05	Name: ubvs Value: 9c99ff02-b8e5-4301-9173-520ad75a47fa
.finning.com/	1970-01-20 09:56:12	Name: ubvt Value: v2%7C9c99ff02-b8e5-4301-9173-520ad75a47fa%7C3483a1fc-a422-4199-884e-a471baeda073%3Aq%3Asingle
.finning.com/	1970-01-20 18:37:29	Name: calltrk_referrer Value: direct
.finning.com/	1970-01-20 18:37:29	Name: calltrk_landing Value: https%3A//promos.finning.com/2023loyalty/
.finning.com/	1970-01-20 18:37:29	Name: calltrk_session_id Value: 0cf14ff2-203f-4d34-8edc-e4b4e00552b2
.finning.com/	1970-01-20 09:53:19	Name: _uetsid Value: c6ed6290b31311edb5df9755bb06a08c
.finning.com/	1970-01-20 19:13:29	Name: _uetvid Value: c6ed9af0b31311edb5637d4aa48ad65c
.finning.com/	1970-01-20 09:53:19	Name: _gid Value: GA1.2.2144316760.1677113304
.bing.com/	1970-01-20 19:13:29	Name: MUID Value: 0DE60E9E6DBA6C6030541C5F6C6C6D4C
.bat.bing.com/	1970-01-20 10:01:58	Name: MR Value: 0
.finning.com/	1970-01-20 09:51:53	Name: _gat Value: 1
.finning.com/	1970-01-20 12:01:29	Name: _gcl_au Value: 1.1.874394955.1677113304
.demdex.net/	1970-01-20 14:11:05	Name: demdex Value: 63635397242920171992833643195156945610
.finning.com/	1969-12-31 23:59:59	Name: AMCVS_B95C9D73578665E37F000101%40AdobeOrg Value: 1
.finning.com/	1970-01-20 12:01:29	Name: _fbp Value: fb.1.1677113304444.805994987
.doubleclick.net/	1970-01-20 09:51:54	Name: test_cookie Value: CheckForPermission
.everesttech.net/	1970-01-20 18:37:29	Name: everest_g_v2 Value: g_surferid~Y-a32AAAAKhucAN2
.finning.com/	1970-01-20 19:27:53	Name: _ga_TJ5V8LKHLE Value: GS1.1.1677113304.1.0.1677113304.60.0.0
.finning.com/	1970-01-20 19:27:53	Name: _ga Value: GA1.1.1612050466.1677113304
.dpm.demdex.net/	1970-01-20 14:11:05	Name: dpm Value: 63635397242920171992833643195156945610
.finning.com/	1970-01-20 10:00:28	Name: s_vnum Value: 1677628800645%26vn%3D1
.finning.com/	1970-01-20 09:51:55	Name: s_invisit Value: true
.finning.com/	1969-12-31 23:59:59	Name: s_cc Value: true
316283.tctm.co/	1969-12-31 23:59:59	Name: ct316283 Value: 63f6b7d80004d37bf14403b4
.finning.com/	1970-01-20 19:27:53	Name: AMCV_B95C9D73578665E37F000101%40AdobeOrg Value: -432600572%7CMCIDTS%7C19412%7CMCMID%7C64072756188370301672880049670502380530%7CMCAAMLH-1677718104%7C7%7CMCAAMB-1677718104%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1677120504s%7CNONE%7CMCSYNCSOP%7C411-19419%7CvVersion%7C4.5.2
.finning.com/	1970-01-20 10:35:05	Name: __ctmid Value: 63f6b7d80004d37bf14403b4
promos.finning.com/	1970-01-20 10:35:05	Name: __ctmid Value: 63f6b7d80004d37bf14403b4
.finning.com/	1970-01-20 18:37:29	Name: _hjSessionUser_162446 Value: eyJpZCI6ImZiNWE3MjlhLWM1NDYtNThlYy05ZWZiLTA4MjJiYmQ5MzU0ZiIsImNyZWF0ZWQiOjE2NzcxMTMzMDQ3OTYsImV4aXN0aW5nIjpmYWxzZX0=
.finning.com/	1970-01-20 09:51:55	Name: _hjFirstSeen Value: 1
.finning.com/	1970-01-20 09:51:53	Name: _hjIncludedInSessionSample_162446 Value: 0
.finning.com/	1970-01-20 09:51:55	Name: _hjSession_162446 Value: eyJpZCI6ImEwMjYxODZkLTM1MWYtNDhmYy1hYmViLTU1ZGU3ZGEzZTBlMyIsImNyZWF0ZWQiOjE2NzcxMTMzMDQ4MjEsImluU2FtcGxlIjpmYWxzZX0=
promos.finning.com/	1970-01-20 09:51:53	Name: _hjIncludedInPageviewSample Value: 1
.finning.com/	1970-01-20 09:51:55	Name: _hjAbsoluteSessionInProgress Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

316283.tctm.co
analytics.google.com
assets.adobedtm.com
bat.bing.com
builder-assets.unbounce.com
cdn.callrail.com
cm.everesttech.net
code.jquery.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dpm.demdex.net
events.ub-analytics.com
finning.demdex.net
finninginternationalinc.sc.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
fonts.ub-assets.com
googleads.g.doubleclick.net
in.hotjar.com
js.callrail.com
promos.finning.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
universtd.s3-us-west-1.amazonaws.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.224.208.206
13.224.214.105
13.224.214.46
142.251.40.162
18.238.4.10
18.238.4.129
18.238.4.89
2001:4860:4802:32::181
2001:4de0:ac18::1:a:2a
2600:1400:d:5a5::1e80
2600:9000:25c8:9e00:1d:11cf:5800:93a1
2600:9000:25c8:f800:12:de4a:40:93a1
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::200e
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.205.248.193
35.174.181.225
44.210.217.65
52.201.126.247
52.214.4.138
52.219.194.74
54.164.38.118
63.140.38.128
08c671d7e3a37ad2fcec3469e5504637f24b704d4bf141d3be0492049bdd60e0
0c901778d1d498d64b73dd654d28572618908a3f3112df67a00b284bb7b1b61e
0d2bde06a172a85f41a30e24ed2744365659b004aed51b3db59f041aa18a5b7a
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
16b2382933146786f8a8da10d79d43c879155d406fc1ffbdb3340ecf2decc566
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
23cdcef626a4110ef75161ec6d0af550a363782a01c995a9a5888149d46cc419
253bfa7c968b5859efe9fd412e9aec2177575574e639e88eee4ba599bea06be4
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f8b46ca720b1e960cf2436629821b7d2c40e0a8df4c5ad6e72991871268afd8
379e5aefc15fc90190b931cc76df213deef292e4fbf73d126cdc721d9e63ca9c
3b2411b31ab8b10ee9b7c373a9db8e73382403418c803b2c7776d4f667d4a4b8
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
57f66f004c6c7c9be2efb010e424cad2c8659c97f36b7e09f4c772939808495b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61ea918e780107b059037653e05167e668b758647bd80b578948ab1e6f148e91
632ff0d394ae484b3de48d3a1ed4dbadd6bba40e71c51ed0490d60ad3995e2aa
653f377e9136bd4cf7d37ded54e83e7ba0d79a8cb32b3371dec2cfba03394f92
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6f30b418e58030f74e5a2d93edef04990085676f6587e3757f56ea7bb6f389ce
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
763bf40be004a951eab1140e4ce30c0c64cd8528d68cc8522270a71d6fd33c17
78e82624a1ab30830deb0ac3cf1b65f868b215f0966987ca46f468eda1543228
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8597d39c4a5a19d352385d940a3794263b7935c2011de6b53881a84b5c1dae81
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86a7da696e866ec3f2ff34c1eb7805e6fe5882987bccff0baa68fa87491e3bbb
86d5e165c7f840154195eb0dc20ce53d8b7f3451c8a3d1f3d03b96d4ff617e9d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87e021a79f45a8638424414a0db6fd238dd31633c04b4edc8b9c62aeba266ba8
899be1363041e030aae9093aad872a4b48260a2968aae6c1e662a547dcd5d9a4
8b660dadd99f363ac663e00bf5247da8d8107661583e60afc312b40c2e1028c8
91e3a70961c13dc4e6627e9da6fd22ed6658f8544719fb52c4ab763b17727e97
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
9fdc55e3a7d2978614198b0d2b5b61bf46d8e5c0885f93c19a479a8aa74b1c53
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a882a1d3c7979254081fd3f618c1f370ab6f35197a9f4e8101d739e48d7f68be
ab5f47911cde3acb3062d96a1bdae3a224d8bb58c6206eeab5d018865d33ef52
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e62d30f7108633a5703342644e15dab1bd2aef9fcc5793e077b6508dfbcc3
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c70aef3a650e1bccdec68e33793ecffb11849499f836d4e3802c754065778619
c8cb74ee3a491198eb13761b8510a231a3e631c9e2eb2b756f059b6be85c7aec
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc44b295ded16f5200a741ea3d95a04deec53ffae4274b764dc6a9397ee47ad6
cd4d73e97c5099aa20464c6d1fdfaac697d3235bd533425d9209f1bb70c45863
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dd3afeb2f3897a9d12fc3c3fcaef3f1f6f20b017ed10a02a74142a6a853674bb
e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7f3aab0b624e496a3965c9993d1b6d237b6acf433ba76f92e546308237dcff3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35c0ae7363d59bade0127ac9bf9bdc6592c293d370bac50513933d569801c86
f4f1bafbbb0d73f07fedf26f3ed3e28013f57517ef3f1743e006c7ce31fc8c19
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

promos.finning.com Open in urlscan Pro 34.205.248.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

55 %IPv6

26 Domains

34 Subdomains

32 IPs

3 Countries

3467 kBTransfer

4898 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promos.finning.com Open in urlscan Pro
34.205.248.193 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

55 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

3467 kB
Transfer

4898 kB
Size

34
Cookies

77 HTTP transactions
1 data transactions