urlscan.io logo urlscan.io
SecurityTrails logo

www.treatwell.com Open in urlscan Pro
52.222.155.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.treatwell-beauty.com/?qs=3fae8a8a53ecae0d486998a096cdb302c6af7a2a6b8c792216b1ea47a4de85b5ce8e20c8a0bae2873ad1d0e17d31...
Effective URL: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm...
Submission: On January 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 29 HTTP transactions. The main IP is 52.222.155.254, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.treatwell.com.
TLS certificate: Issued by Amazon on August 20th 2019. Valid for: a year.
This is the only time www.treatwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.36.131 22606 (EXACT-7)
1 1 52.30.124.1 16509 (AMAZON-02)
18 52.222.155.254 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.149.215 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.203.166.60 16509 (AMAZON-02)
29 7
1    13.111.36.131 (United States)

ASN22606 (EXACT-7, US)
PTR: click.treatwell-beauty.com
click.treatwell-beauty.com
1    52.30.124.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-124-1.eu-west-1.compute.amazonaws.com
treatwell.onelink.me
18    52.222.155.254 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-254.fra53.r.cloudfront.net
www.treatwell.com
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.149.215 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-215.fra53.r.cloudfront.net
d20z7gt2aiyw68.cloudfront.net
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    18.203.166.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-166-60.eu-west-1.compute.amazonaws.com
collector.treatwell.com
Domain Requested by
18 www.treatwell.com www.treatwell.com
4 collector.treatwell.com d20z7gt2aiyw68.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net
1 d20z7gt2aiyw68.cloudfront.net www.treatwell.com
1 www.googletagmanager.com www.treatwell.com
1 treatwell.onelink.me 1 redirects
1 click.treatwell-beauty.com 1 redirects
0 freegeoip.net Failed www.treatwell.com
29 9
Subject Issuer Validity Valid
treatwell.com
Amazon		 2019-08-20 -
2020-09-20		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
collector.treatwell.com
Amazon		 2019-06-10 -
2020-07-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Frame ID: F40B06DBE45A6AE9BCCFCDE1D624B0BE
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.treatwell-beauty.com/?qs=3fae8a8a53ecae0d486998a096cdb302c6af7a2a6b8c792216b1ea47a4de85b5ce8e20c8... HTTP 302
    https://treatwell.onelink.me/32083905?af_dp=treatwell%3A%2F%2Fhome&is_retargeting=true&pid=salesforce-b2c... HTTP 302
    https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

29
Requests

93 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

255 kB
Transfer

669 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.treatwell-beauty.com/?qs=3fae8a8a53ecae0d486998a096cdb302c6af7a2a6b8c792216b1ea47a4de85b5ce8e20c8a0bae2873ad1d0e17d315bf034055106d0fd555e HTTP 302
    https://treatwell.onelink.me/32083905?af_dp=treatwell%3A%2F%2Fhome&is_retargeting=true&pid=salesforce-b2c-crm&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&content=footer&utm_source=salesforce-b2c-crm&utm_medium=email&utm_campaign=LDT%7e20012020_CC%7eBE_LG%7eNL_FMT%7eEMAIL_LS%7eLUR_EMT%7eBRA_CN%7eV1-EM1-WINTERBOOST-ACTIVATION&utm_content=LDT%7e20012020_CC%7eBE_LG%7eNL_FMT%7eEMAIL_LS%7eLUR_EMT%7eBRA_CN%7eV1-EM1-WINTERBOOST-ACTIVATION&utm_term=footer_icon_app&sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&sf_ebid=18&sf_ejid=670500&mkt_params= HTTP 302
    https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.treatwell.com/
Redirect Chain
  • https://click.treatwell-beauty.com/?qs=3fae8a8a53ecae0d486998a096cdb302c6af7a2a6b8c792216b1ea47a4de85b5ce8e20c8a0bae2873ad1d0e17d315bf034055106d0fd555e
  • https://treatwell.onelink.me/32083905?af_dp=treatwell%3A%2F%2Fhome&is_retargeting=true&pid=salesforce-b2c-crm&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&co...
  • https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTER...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
938126897c7ca7273c1e65afd9855304776ae7e2180c0a35649b130318db4815

Request headers

:method
GET
:authority
www.treatwell.com
:scheme
https
:path
/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
1758
date
Mon, 20 Jan 2020 20:20:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-encoding
gzip
last-modified
Fri, 19 Jan 2018 13:53:05 GMT
etag
"f6129b5e2315e7eaf19bbb6d0b1cba88"
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
lg6-RSFvXcfUmozyX7XP6Hefch4z4UFQE-vfkxzWwXWxOlhelMLDEQ==

Redirect headers

Content-Type
application/octet-stream
Date
Mon, 20 Jan 2020 20:20:06 GMT
Location
https://www.treatwell.com?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Set-Cookie
af_id=7184f8ea-9769-49ed-a725-eb3ad7a898bb-o;Expires=Wed, 19 Jan 2022 20:20:06 +0000;Domain=onelink.me;Path=/
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Connection
keep-alive
global.css
www.treatwell.com/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.treatwell.com/css/global.css
Requested by
Host: www.treatwell.com
URL: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50674c2531918dd168c567b0dda573d97d7c777c52736cd76303ed2dff2715bb

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 09:02:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"b65435a0f833ae2f479950a386cf9711"
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
5593
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
Ws7-LEjHV8PlWKa9MuXA9IJDnHoNeoKPlF8Z-t1kLcWIWJ7cPs7jcg==
global.js
www.treatwell.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.treatwell.com/js/global.js
Requested by
Host: www.treatwell.com
URL: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dacdf968e5f639f37427f034b5a4c61a6f557202affb5d77e64ab19ef70f436

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 14:56:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"1107ac695baccf1332f01862a3d87de7"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1039
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
wJBWGnMghk4DCBS3vuCHiI-fyxW8TUh7mrCMHwyF4CyJ-478x2xTTQ==
gtm.js
www.googletagmanager.com/ 		318 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5GQMC&l=dataLayer1
Requested by
Host: www.treatwell.com
URL: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ba875bdf51eb20c07f25cda63107931c80f9d86f77151a047c4af00db8a55cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:06 GMT
content-encoding
br
last-modified
Mon, 20 Jan 2020 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
59868
x-xss-protection
0
expires
Mon, 20 Jan 2020 20:20:06 GMT
/
freegeoip.net/json/ 		0
0
b2157cee79b8b98f5ea177e06817bdec.js
d20z7gt2aiyw68.cloudfront.net/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d20z7gt2aiyw68.cloudfront.net/b2157cee79b8b98f5ea177e06817bdec.js
Requested by
Host: www.treatwell.com
URL: https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.215 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-215.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12f8c0705cf1f2d8161a4999ac6298c1b7332eb3be07daf0e3f7382c8b96a675

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 19:52:28 GMT
content-encoding
gzip
last-modified
Mon, 08 Jan 2018 10:43:22 GMT
server
AmazonS3
age
20132859
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000
x-amz-cf-pop
FRA53
x-amz-cf-id
P4t_ZYAfZ39FZ8wJ0hBUuKMYBPchEAQ_ioR0Pn_ktFGCaFKurKdopg==
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
shutdown
freegeoip.net/ 		0
0
background.jpg
www.treatwell.com/img/global-background/ 		73 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/global-background/background.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafd88357d9712a4f1397b7d50182c9876cc236536be3253cba3065a2c98677f

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 09:03:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"33c87c4a41604ac9b614a2821ff55055"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
46474
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
CDSoS4FV_shHLIXqUPCZxOECmfNRQffHhL1cGY2FjKtAsfd_5bWWLw==
logo-white.svg
www.treatwell.com/img/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/logo-white.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f71cde3b9fd3da4d93ba213eda78bcd3293e51dcf224adf241a1331d6ccbaf7

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"6a11dc47f00825783584e323d2396da1"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
2218
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
IxxQ5bYlMo_E1C2tSDPdsMlM9d1rBAn4G-LB5NnXCuE4MzbtPfXX3A==
flag-be.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-be.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
178e7571050788bf78829885630ae911c9e1a49f780a3372987c465bfea7d7c9

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"ea14a19815934d6d39c87489623a7d49"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1082
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
jrCH4WLD04cAtt4ZiXXBI8hZK-4RaWW_JccCiUh5W-HVesYBnbVoHg==
flag-de.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-de.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e22ec85d0b1d2b72f74aec843f36ef66ed8639f9ac2b4b52281a3ee692326992

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"8c819bbd74fb734540cb6771562af99f"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1076
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
-pa0lVhpUXE72puOHmhp4Tpt8T8nc2pqzW5T7cXPQMcOZO4wYRsg8g==
flag-es.svg
www.treatwell.com/img/flags/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-es.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc8556161abcb9d2eba0800baf535eb840c229b4392f0be19dca233576d1fa4c

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"4b027c8f72e3101717902220fc1719c5"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1586
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
1TA6ApnfV_5jaJOv3hfYB-8v79HBXFcVXZ1pWNzmHVkivFKtvPA9lQ==
flag-fr.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-fr.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d0ef9c209b9fe0a5f1c162a7e3adcb5d06751ed3934ab23db7da62ebf46bdff

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"84b597da4314e3bf5b4a35a56d2e9965"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1080
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
TkoDvzio_TuDnJLiftwkoCo7na-khP4xhfYilo35JgOVksJzxryLbA==
flag-ie.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-ie.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
736cd00bfb840a63ea7043fb27ebd19e9dc7c69204e627c60b85760c3dd1b8da

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"21cc38082c27b6d9d1a47008c6891c65"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1083
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
xix3w5CidjfKW8aeQWG-wyiJ9L1H-4gUuVQVU15FpU_8rf6lG6cqXg==
flag-it.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-it.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47ad3bf3070a8e2cbb9f9da6674302cd92648066afc72b4958acd584b391be63

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"557987ed9517b228efb7670087af2ad6"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1083
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
nfUvv4RFedYQtE4uOMciZvnmyDNTHbMYc8taSXFDaIURiGwFt5B8zw==
flag-lt.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-lt.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f54a32a80710b67a9108f2b2346e1ce17b83e9d235468071d2d76b8d7fcce756

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"e860a05e1c8fbf42a66a77352f98bfd9"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1084
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
arYfXGVSoErl7_6rJc00SzcdoI8TyWIvZKbiNhdJWBiEWV0IpCg9Bw==
flag-nl.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-nl.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
571e6f8632458c4f2c18f97cf507ff1b46b621d8eded97d12abd0b6e54e9a415

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"16d4c4a22222eed33788dae5463c66f6"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1081
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
NsrrO2II--Bvj7dIO3oereqSpPRGwhgtviwdkTAYYDPKktMxSEdcxg==
flag-at.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-at.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdff5fdae494e587fd5303c1e244bb4b1e5fbccfbdab479fa18836b3b44eacf2

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"6a31173b2fadec647df6017cad35c210"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1073
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
sLyHVZimCS7u9GFyjpN1lByeJLzO4irZUZaOvGM6kGZ5NOSIKabthQ==
flag-ch.svg
www.treatwell.com/img/flags/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-ch.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3baf9c710e20795b59339ca9a13b09625f7678169ea6b271551f77ab44990e3

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"8ba260f6d28cf21e22365c65a7ccc039"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1069
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
SkQy0BwOgfUlyxy-btHiPBtcHyFFJ9DRMbNfdPjPX0aHD5AhRfgmHA==
flag-gb.svg
www.treatwell.com/img/flags/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treatwell.com/img/flags/flag-gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6996252b6b975c91443655fad31df3f184def864cf811079b7c7f7e882078fa4

Request headers

Referer
https://www.treatwell.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 13:54:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"ea41d37d06955721ebb911a3c8660526"
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
content-length
1306
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
x-amz-cf-id
RPgEGSmJRWkrwAbuoJnluWYczMJkSAqMG77orH4p78Sqg16cpkN3SQ==
TreatwellSansWeb-Bold.woff
www.treatwell.com/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.treatwell.com/fonts/TreatwellSansWeb-Bold.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
881aa24c52dc3d458279e461271c171ea3b04d6f492128f0be46bfe510fe712c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.treatwell.com/css/global.css
Origin
https://www.treatwell.com

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53
x-cache
Miss from cloudfront
status
200
content-length
39735
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2017 13:53:59 GMT
server
AmazonS3
etag
"6be16f7bcc883778942e9145f4c6f6ac"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
x-amz-cf-id
F-SAq603DZko4IyG0yX5Qht3-Y1YB24eUsVyLSOqA7CMLorKBA20bA==
TreatwellSansWeb-Regular.woff
www.treatwell.com/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.treatwell.com/fonts/TreatwellSansWeb-Regular.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.254 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-254.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d694443bd69ff00ee876741c3c91a24a16773c43aa91fcaabd7321b7178d075

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.treatwell.com/css/global.css
Origin
https://www.treatwell.com

Response headers

date
Mon, 20 Jan 2020 20:20:07 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53
x-cache
Miss from cloudfront
status
200
content-length
39167
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2017 13:54:01 GMT
server
AmazonS3
etag
"946e64971a2d923ff1b516f639a6bcde"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate, public
x-amz-cf-id
yp6VKpotWHCsBKpZns0AQexcecWNamNDI9NKiDMoVweOll7i8q7m9g==
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5GQMC&l=dataLayer1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2511
date
Mon, 20 Jan 2020 19:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 20 Jan 2020 21:38:15 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=694366922&t=pageview&_s=1&dl=https%3A%2F%2Fwww.treatwell.com%2F%3Fsp_uidh%3DC4F1798022B09492638F46F07E876082B663DEBB%26pid%3Dsalesforce-b2c-crm%26is_retargeting%3Dtrue%26utm_content%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION%26utm_source%3Dsalesforce-b2c-crm%26content%3Dfooter%26utm_medium%3Demail%26utm_campaign%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION%26sf_ejid%3D670500%26sf_ebid%3D18%26utm_term%3Dfooter_icon_app%26c%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Treatwell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=908553735&gjid=1299025828&cid=1562381290.1579551607&tid=UA-3992576-56&_gid=279634677.1579551607&gtm=2wg181K5GQMC&cg1=homepage&cg2=STANDARD&cg3=STANDARD-WEB&cg4=WEB&cd1=homepage&cd3=STANDARD&cd4=STANDARD-WEB&cd9=home&cd14=1562381290.1579551607&cd29=lg&cd33=None&cd34=sp_uidh%3DC4F1798022B09492638F46F07E876082B663DEBB%26pid%3Dsalesforce-b2c-crm%26is_retargeting%3Dtrue%26utm_content%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION%26utm_source%3Dsalesforce-b2c-crm%26content%3Dfooter%26utm_medium%3Demail%26utm_campaign%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION%26sf_ejid%3D670500%26sf_ebid%3D18%26utm_term%3Dfooter_icon_app%26c%3DLDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&z=707497375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5197031
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3992576-56&cid=1562381290.1579551607&jid=908553735&gjid=1299025828&_gid=279634677.1579551607&_u=YGBAgEAB~&z=1668169776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 20 Jan 2020 20:20:06 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
collector.treatwell.com/com.snowplowanalytics.snowplow/ 		0
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.treatwell.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d20z7gt2aiyw68.cloudfront.net
URL: https://d20z7gt2aiyw68.cloudfront.net/b2157cee79b8b98f5ea177e06817bdec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.166.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-166-60.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.treatwell.com
Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 20 Jan 2020 20:20:06 GMT
Server
Apache-Coyote/1.1
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.treatwell.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
Content-Length
0
tp2
collector.treatwell.com/com.snowplowanalytics.snowplow/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.treatwell.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.166.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-166-60.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Origin
https://www.treatwell.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Mon, 20 Jan 2020 20:20:06 GMT
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.treatwell.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
0
tp2
collector.treatwell.com/com.snowplowanalytics.snowplow/ 		0
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.treatwell.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d20z7gt2aiyw68.cloudfront.net
URL: https://d20z7gt2aiyw68.cloudfront.net/b2157cee79b8b98f5ea177e06817bdec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.166.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-166-60.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.treatwell.com
Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 20 Jan 2020 20:20:06 GMT
Server
Apache-Coyote/1.1
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.treatwell.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
Content-Length
0
tp2
collector.treatwell.com/com.snowplowanalytics.snowplow/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.treatwell.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.166.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-166-60.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.treatwell.com/?sp_uidh=C4F1798022B09492638F46F07E876082B663DEBB&pid=salesforce-b2c-crm&is_retargeting=true&utm_content=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&utm_source=salesforce-b2c-crm&content=footer&utm_medium=email&utm_campaign=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION&sf_ejid=670500&sf_ebid=18&utm_term=footer_icon_app&c=LDT~20012020_CC~BE_LG~NL_FMT~EMAIL_LS~LUR_EMT~BRA_CN~V1-EM1-WINTERBOOST-ACTIVATION
Origin
https://www.treatwell.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Mon, 20 Jan 2020 20:20:06 GMT
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.treatwell.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
freegeoip.net
URL
https://freegeoip.net/json/
Domain
freegeoip.net
URL
http://freegeoip.net/shutdown

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer1 object| countryCodeMapping object| locatedCountry number| timer undefined| countdown undefined| timerCount function| removeClass function| redirectString object| google_tag_manager function| postscribe object| snowplowQueue undefined| args function| snowplow object| GlobalSnowplowNamespace string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Snowplow

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://d20z7gt2aiyw68.cloudfront.net/b2157cee79b8b98f5ea177e06817bdec.js(Line 33)
Message:
Snowplow: argmap.useLocalStorage is deprecated. Use argmap.stateStorageStrategy instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.treatwell-beauty.com
collector.treatwell.com
d20z7gt2aiyw68.cloudfront.net
freegeoip.net
stats.g.doubleclick.net
treatwell.onelink.me
www.google-analytics.com
www.googletagmanager.com
www.treatwell.com
freegeoip.net
13.111.36.131
18.203.166.60
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2008
2a00:1450:400c:c06::9b
52.222.149.215
52.222.155.254
52.30.124.1
12f8c0705cf1f2d8161a4999ac6298c1b7332eb3be07daf0e3f7382c8b96a675
178e7571050788bf78829885630ae911c9e1a49f780a3372987c465bfea7d7c9
2ba875bdf51eb20c07f25cda63107931c80f9d86f77151a047c4af00db8a55cf
2d694443bd69ff00ee876741c3c91a24a16773c43aa91fcaabd7321b7178d075
3dacdf968e5f639f37427f034b5a4c61a6f557202affb5d77e64ab19ef70f436
47ad3bf3070a8e2cbb9f9da6674302cd92648066afc72b4958acd584b391be63
4f71cde3b9fd3da4d93ba213eda78bcd3293e51dcf224adf241a1331d6ccbaf7
50674c2531918dd168c567b0dda573d97d7c777c52736cd76303ed2dff2715bb
571e6f8632458c4f2c18f97cf507ff1b46b621d8eded97d12abd0b6e54e9a415
6996252b6b975c91443655fad31df3f184def864cf811079b7c7f7e882078fa4
736cd00bfb840a63ea7043fb27ebd19e9dc7c69204e627c60b85760c3dd1b8da
7d0ef9c209b9fe0a5f1c162a7e3adcb5d06751ed3934ab23db7da62ebf46bdff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
881aa24c52dc3d458279e461271c171ea3b04d6f492128f0be46bfe510fe712c
938126897c7ca7273c1e65afd9855304776ae7e2180c0a35649b130318db4815
b3baf9c710e20795b59339ca9a13b09625f7678169ea6b271551f77ab44990e3
cafd88357d9712a4f1397b7d50182c9876cc236536be3253cba3065a2c98677f
cc8556161abcb9d2eba0800baf535eb840c229b4392f0be19dca233576d1fa4c
cdff5fdae494e587fd5303c1e244bb4b1e5fbccfbdab479fa18836b3b44eacf2
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e22ec85d0b1d2b72f74aec843f36ef66ed8639f9ac2b4b52281a3ee692326992
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f54a32a80710b67a9108f2b2346e1ce17b83e9d235468071d2d76b8d7fcce756