www2.webbernaturals.com Open in urlscan Pro
104.198.49.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://webbernaturals.com/
Effective URL:
https://www2.webbernaturals.com/en-us/
Submission: On September 28 via manual (September 28th 2022, 9:09:05 pm UTC) from CA — Scanned from CA

Summary HTTP 188 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 69 domains to perform 188 HTTP transactions. The main IP is 104.198.49.12, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www2.webbernaturals.com.
TLS certificate: Issued by R3 on August 26th 2022. Valid for: 3 months.

This is the only time www2.webbernaturals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 75	104.198.49.12 104.198.49.12	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:210... 2600:9000:210b:4a00:d:9072:7e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.192.143 151.101.192.143	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	185.167.164.47 185.167.164.47	198622 (ADFORM) (ADFORM)
3	2606:4700::68... 2606:4700::6812:148a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1b30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1a30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1 7	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1	169.63.31.200 169.63.31.200	36351 (SOFTLAYER) (SOFTLAYER)
1 12	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	174.129.2.117 174.129.2.117	14618 (AMAZON-AES) (AMAZON-AES)
1	23.78.208.213 23.78.208.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.29.117.164 52.29.117.164	16509 (AMAZON-02) (AMAZON-02)
1 1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
1 2	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
1	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
3 3	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
2 3	34.200.191.187 34.200.191.187	14618 (AMAZON-AES) (AMAZON-AES)
3	104.76.100.229 104.76.100.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	3.248.26.101 3.248.26.101	16509 (AMAZON-02) (AMAZON-02)
1	52.218.90.19 52.218.90.19	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
1	52.20.31.118 52.20.31.118	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	99.84.37.5 99.84.37.5	16509 (AMAZON-02) (AMAZON-02)
2 3	18.210.31.151 18.210.31.151	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.85.212.104 54.85.212.104	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.161.34.7 18.161.34.7	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	23.52.161.201 23.52.161.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.220.73.72 3.220.73.72	14618 (AMAZON-AES) (AMAZON-AES)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
3 4	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.76.105.133 104.76.105.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2 2	2600:9000:220... 2600:9000:2209:1200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	52.1.222.188 52.1.222.188	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	44.208.243.83 44.208.243.83	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:24e... 2600:9000:24eb:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24e... 2600:9000:24eb:f200:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.102.157.158 34.102.157.158	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:141b:900... 2600:141b:9000:59c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
188	59

75 104.198.49.12 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 12.49.198.104.bc.googleusercontent.com

webbernaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www2.webbernaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:4a00:d:9072:7e80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.webbernaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80b::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.143 (United States)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.47 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:148a (United States)

ASN13335 (CLOUDFLARENET, US)

omnisnippet1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1b30 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a30 (United States)

ASN13335 (CLOUDFLARENET, US)

wt.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.167.164.37 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.31.200 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c8.1f.3fa9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.2.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-2-117.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.208.213 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-208-213.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.117.164 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-117-164.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.138.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.191.187 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-191-187.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.26.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-26-101.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.90.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.212 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.31.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-31-118.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.166 (Secaucus, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-5.ewr52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.210.31.151 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-31-151.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.212.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-212-104.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.34.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-7.bos50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.161.201 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.73.72 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-73-72.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.33.111 (Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.105.133 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-105-133.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:1200:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.222.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-222-188.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.243.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-243-83.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24eb:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24eb:f200:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.157.158 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 158.157.102.34.bc.googleusercontent.com

monitoring.getelevar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000:59c::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	webbernaturals.com 2 redirects webbernaturals.com www.webbernaturals.com www2.webbernaturals.com	5 MB
20	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6100 a2.adform.net — Cisco Umbrella Rank: 6023 c1.adform.net — Cisco Umbrella Rank: 614 dmp.adform.net — Cisco Umbrella Rank: 4683	42 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	574 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 393	25 KB
7	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	4 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 869	2 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	283 B
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 456	5 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 428 ib.adnxs.com — Cisco Umbrella Rank: 229	4 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8590	692 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	197 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 430	597 B
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 344	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2379	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3176	1 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 524	1 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 708	1 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 329	549 B
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1041	2 KB
3	soundestlink.com forms.soundestlink.com — Cisco Umbrella Rank: 17455 wt.soundestlink.com — Cisco Umbrella Rank: 18180	3 KB
3	omnisnippet1.com omnisnippet1.com — Cisco Umbrella Rank: 17373	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	swiftypecdn.com s.swiftypecdn.com — Cisco Umbrella Rank: 8885	149 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 788	20 KB
2	getelevar.com monitoring.getelevar.com — Cisco Umbrella Rank: 84113	697 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 376	720 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 712	1 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 13777	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10667	528 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 1805	381 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 723	718 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 940	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	489 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 6103	694 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 671	829 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 922 pixel.quantserve.com — Cisco Umbrella Rank: 417	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	166 KB
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 993	550 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 861	754 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1184	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1884	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 22260	49 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2614	463 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1039	287 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 2485	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 2109	499 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 935	628 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 455	644 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 19468	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 686	448 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 24734	406 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4438	391 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1477	324 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 517	716 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 716	755 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626	669 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 667	664 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 2179	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 18561	344 B
1	swiftype.com cc.swiftype.com — Cisco Umbrella Rank: 9967	279 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	16 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2945	7 KB
188	69

	Domain	Requested by
74	www2.webbernaturals.com	www2.webbernaturals.com
12	c1.adform.net	1 redirects a2.adform.net c1.adform.net
7	www.google.com	www2.webbernaturals.com www.gstatic.com www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	ct.pinterest.com	s.pinimg.com
5	www.facebook.com	www2.webbernaturals.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	www.google.ca	www2.webbernaturals.com
4	connect.facebook.net	www2.webbernaturals.com connect.facebook.net
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	tags.bluekai.com	c1.adform.net
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	uipglob.semasio.net	2 redirects c1.adform.net
3	a2.adform.net	1 redirects www2.webbernaturals.com s2.adform.net
3	omnisnippet1.com	www2.webbernaturals.com omnisnippet1.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	www2.webbernaturals.com www.google.com
3	s.swiftypecdn.com	www2.webbernaturals.com s.swiftypecdn.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	monitoring.getelevar.com	www2.webbernaturals.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	s.ad.smaato.net	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	pippio.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	forms.soundestlink.com	omnisnippet1.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www2.webbernaturals.com www.googletagmanager.com
1	pixel.quantserve.com	a2.adform.net
1	pxl.qccerttest.com	a2.adform.net
1	rules.quantcount.com	secure.quantserve.com
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	t.adx.opera.com	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	bh.contextweb.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	secure.quantserve.com	a2.adform.net
1	a1.seadform.net	www2.webbernaturals.com
1	cc.swiftype.com	www2.webbernaturals.com
1	wt.soundestlink.com	www2.webbernaturals.com
1	analytics.google.com	www.googletagmanager.com
1	s2.adform.net	www2.webbernaturals.com
1	www.googleadservices.com	www.googletagmanager.com
1	netdna.bootstrapcdn.com	www2.webbernaturals.com
1	www.webbernaturals.com	1 redirects
1	webbernaturals.com	1 redirects
188	81

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www2.webbernaturals.com R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-08` - `2022-10-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.swiftype.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-07` - `2023-06-30`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
monitoring.getelevar.com GTS CA 1D4	`2022-08-12` - `2022-11-10`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www2.webbernaturals.com/en-us/
Frame ID: A87F05C89BFD2B712D4B2A9F4628F998
Requests: 127 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj&co=aHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=wgvznuz67zr6
Frame ID: 8038F93ADDE8EE339EBF84994FD32636
Requests: 8 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2080009&lid=98825884&ctype=0&media=0&PageName=.webbernaturals.com%2fen-us%2f&orderid=undefined&sysvars=%7corderid%3dundefined%7c%7c%7c%40%40%7cpid%3dundefined%7cpnm%3dundefined%7c&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&rnd=1280817975&cpref=&loc=https%3a%2f%2fwww2.webbernaturals.com%2fen-us%2f
Frame ID: A6DEFD37CC69438FD1BF14A3E9CBF036
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Frame ID: 7E9D5DA11009C8209555EC33E77A8DDD
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj
Frame ID: 65E304C3A97A3D668930C003F4331290
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9D393AE5E471AFB783ECF2106D59A083
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2B4F31922CE33A9E11D334B0943595E3
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: D042540B0A7368CE2ACF0107B348F968
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Webber Naturals US

Page URL History Show full URLs

http://webbernaturals.com/ HTTP 301
https://www.webbernaturals.com/ HTTP 301
https://www2.webbernaturals.com/en-us/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

188
Requests

84 %
HTTPS

27 %
IPv6

69
Domains

81
Subdomains

59
IPs

9
Countries

6248 kB
Transfer

10475 kB
Size

103
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/webbernaturals/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/webbernaturals
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://webbernaturals.com/ HTTP 301
https://www.webbernaturals.com/ HTTP 301
https://www2.webbernaturals.com/en-us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://a2.adform.net/Serving/TrackPoint/?pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&loc=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&loc=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 119

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939

Request Chain 122

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7440553897814294387&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7440553897814294387&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=39e3925fb3b745eab66518b7d128d206 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=9c09034cd074958054c207826b0b70e802229fab821e23138eca42911405dc2f

Request Chain 123

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=7440553897814294387&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=5182014013067990277

Request Chain 124

https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1&verify=true

Request Chain 126

https://x.bidswitch.net/sync?dsp_id=70&user_id=7440553897814294387 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=7440553897814294387 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=42ecce68-56d7-4b50-8c63-1160209ad7b8

Request Chain 127

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939&C=1

Request Chain 128

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external

Request Chain 129

https://ps.eyeota.net/match?uid=7440553897814294387&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=7440553897814294387&bid=9gdtmu1

Request Chain 131

https://idsync.rlcdn.com/398366.gif?partner_uid=7440553897814294387 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNzQ0MDU1Mzg5NzgxNDI5NDM4NxAAGg0I7O_SmQYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ae04ed45cd9a0aeff839815f5f7cffa8d3fd7886fe32c9e75ad6ed21690383ae791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhZTA0ZWQ0NWNkOWEwYWVmZjgzOTgxNWY1ZjdjZmZhOGQzZmQ3ODg2ZmUzMmM5ZTc1YWQ2ZWQyMTY5MDM4M2FlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7O_SmQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhZTA0ZWQ0NWNkOWEwYWVmZjgzOTgxNWY1ZjdjZmZhOGQzZmQ3ODg2ZmUzMmM5ZTc1YWQ2ZWQyMTY5MDM4M2FlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7O_SmQYSBAgCEABCAEoA&google_gid=CAESEJKjKfvtWVJZ9e_6tKAZYys&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=e179733d-4d89-48a8-bc14-32991113d655

Request Chain 132

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent=

Request Chain 134

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7440553897814294387 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7440553897814294387

Request Chain 135

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 136

https://pixel.onaudience.com/?mapped=7440553897814294387&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be25c53d9fee0e78/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=501930c75165aa98d31a4737a29e7934&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=7fa4f2fee4635404

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzQ0MDU1Mzg5NzgxNDI5NDM4Nw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDry-nZVMB6wyUqOsF5GEYw&google_cver=1&google_ula=1641347,0

Request Chain 139

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5435012317982400214&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=7440553897814294387

Request Chain 143

https://a.audrte.com/a?adform_uid=7440553897814294387 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEEVVobtU-ZSW3qpdwAQoxy4&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 144

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=7440553897814294387&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=7440553897814294387&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=33554381566737319980389135008899173895&noredirect=1

Request Chain 145

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=7440553897814294387 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214740604288012850834

Request Chain 146

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7148540732801218704

Request Chain 148

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=a0426334-b7ec-4300-890a-6285dcff5b42

Request Chain 149

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=rc1YMWeM1ODEiE5

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc

Request Chain 151

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=7440553897814294387 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7440553897814294387

Request Chain 152

https://id5-sync.com/s/10/0.gif?puid=7440553897814294387 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=7440553897814294387&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=5435012317982400214&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/10/112/0/3.gif?puid=E7BF6EEB76D3F308&gdpr=0&gdpr_consent=

Request Chain 153

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4060179214 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R7UvCqPCf33Uxk4xikv70.

Request Chain 155

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387&cs=1

Request Chain 156

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=7440553897814294387 HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=7440553897814294387&cookieCheck=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60139&uid=4d0ada22

Request Chain 157

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=7440553897814294387&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=7440553897814294387&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ea68e6d-bae0-4805-84da-18945c571c07%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D6ea68e6d-bae0-4805-84da-18945c571c07&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc&ttd_puid=6ea68e6d-bae0-4805-84da-18945c571c07%2Chttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D2007%26cid%3D6ea68e6d-bae0-4805-84da-18945c571c07 HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=6ea68e6d-bae0-4805-84da-18945c571c07

Request Chain 160

https://eb2.3lift.com/xuid?mid=7354&xuid=7440553897814294387&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=7440553897814294387&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

188 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www2.webbernaturals.com/en-us/
Redirect Chain

http://webbernaturals.com/
https://www.webbernaturals.com/
https://www2.webbernaturals.com/en-us/

105 KB
22 KB

357ms
56ms

Document
text/html

104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 708f4dfa4f2359d4b025a53ba593a1042c47d52d4d995537d447ebc144a26537

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=15552000, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Tue, 22 Feb 2022 23:05:03 GMT
link: <https://www2.webbernaturals.com/en-us/wp-json/>; rel="https://api.w.org/" <https://www2.webbernaturals.com/en-us/wp-json/wp/v2/pages/532>; rel="alternate"; type="application/json" <https://www2.webbernaturals.com/en-us/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 3
x-cache-group: normal
x-cacheable: YES:15552000.000
x-powered-by: WP Engine

Redirect headers

content-length: 0
date: Wed, 28 Sep 2022 21:08:58 GMT
location: https://www2.webbernaturals.com/en-us/
server: CloudFront
via: 1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
x-amz-cf-id: OR0-xP0l4p5sIFlayrU_PgpOhv9lGix0D-Lyhe7gFTFMeHrjSbYy8g==
x-amz-cf-pop: EWR53-C3
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 layerslider.css
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/ 22 KB
4 KB 51ms
43ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: W/"6255e73f-5883"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 factors-pim-content-generator-public.css
www2.webbernaturals.com/en-us/wp-content/plugins/factors-pim-content-generator/public/css/ 98 B
292 B 52ms
42ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/factors-pim-content-generator/public/css/factors-pim-content-generator-public.css?ver=1.0.5
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 30 Nov 2018 23:16:17 GMT
server: nginx
etag: W/"5c01c4c1-62"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fg-language-support-public.css
www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/css/ 98 B
292 B 53ms
43ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/css/fg-language-support-public.css?ver=1.0.3
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 26 Apr 2019 18:13:27 GMT
server: nginx
etag: W/"5cc34a47-62"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 testimonial-rotator-style.css
www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/ 13 KB
2 KB 54ms
45ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/testimonial-rotator-style.css?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f5664ebe85adb158bfee2a03e94443ed0ceb23ac870b2ee917a4dd750429ddd3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 19 Jun 2020 19:08:40 GMT
server: nginx
etag: W/"5eed0d38-33bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/latest/css/ 30 KB
7 KB 61ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=6.0.2

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 845
age: 2509424
cdn-cachedat: 06/05/2022 22:17:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3c90c0e7bb71d568c3e5a7436be3a8ab
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 751f751a29474bcb-YUL
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/anythingslider-divi/styles/ 35 KB
3 KB 64ms
55ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/anythingslider-divi/styles/style.min.css?ver=1.6
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ecd8da02fc2e8156d9403ee0c2b6fa9101bb70ed5ace1a1e682ae41c5e5e8069

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Thu, 23 Apr 2020 01:15:29 GMT
server: nginx
etag: W/"5ea0ec31-8da2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 formreset.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/ 4 KB
600 B 51ms
43ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-f14"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 formsmain.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/ 79 KB
13 KB 53ms
44ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-13aba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 readyclass.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/ 30 KB
4 KB 64ms
56ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-781d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 browsers.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/ 8 KB
1 KB 65ms
58ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-20d7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gf-form-multicolumn.min.css
www2.webbernaturals.com/en-us/wp-content/plugins/gf-form-multicolumn/includes/public/css/ 2 KB
797 B 66ms
59ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gf-form-multicolumn/includes/public/css/gf-form-multicolumn.min.css?ver=4.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25fb9eeb871aca7cbbfd071c2516ffd6cdb4342afc0020e0c7fd0f63fe9bb208

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:16:20 GMT
server: nginx
etag: W/"62154494-726"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style-static.min.css
www2.webbernaturals.com/en-us/wp-content/themes/Divi/ 799 KB
78 KB 67ms
60ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/style-static.min.css?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1791c919c7fa56c1612c0a092d2a172deb241e373562eda9991936a4f35d04e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-c7d79"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 divi-bak.css
www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/style/ 8 KB
2 KB 67ms
60ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/style/divi-bak.css?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d1beb976b79fed135b444a99d9f60c4d116ad5357ff1a72510405eb98cc8f52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 17 Jul 2020 23:19:57 GMT
server: nginx
etag: W/"5f12321d-20a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.css
www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/ 129 KB
19 KB 68ms
61ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/main.css?ver=20200625
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 82b4bfdd561cfb7f196f08a0b327ce23e2684359daa3e2d98a751c021138e844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 16:06:41 GMT
server: nginx
etag: W/"6172e191-20370"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/ 3 KB
1 KB 68ms
62ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/style.css?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b70551fc9dd20fce8a615d7556323cd52bacd97b0cb24c726feafe5f061504a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 17:06:30 GMT
server: nginx
etag: W/"5efb7116-b32"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 greensock.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/ 119 KB
42 KB 70ms
64ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0d5d31daf049b4444184f5a7dab253c49bf1ba86b1ce5e182c0ca99dae382804

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: W/"6255e73f-1dd7f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/jquery/ 87 KB
31 KB 70ms
64ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/jquery/ 11 KB
4 KB 70ms
65ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 layerslider.kreaturamedia.jquery.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/ 123 KB
46 KB 83ms
78ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fef6d1fd3fe4b01f07b669cbd32fbf0eeb611bbd8df226e0ea303ad4aa1fa961

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: W/"6255e73f-1edce"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 layerslider.transitions.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/ 23 KB
3 KB 84ms
79ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: W/"6255e73f-5d17"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 factors-pim-content-generator-public.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/factors-pim-content-generator/public/js/ 815 B
670 B 84ms
80ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/factors-pim-content-generator/public/js/factors-pim-content-generator-public.js?ver=1.0.5
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0d17fc85d22eb1f6c056ea79c018062eda0f312350c68c836364dc082b9a06bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 30 Nov 2018 23:16:17 GMT
server: nginx
etag: W/"5c01c4c1-32f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jq-sticky-anything.min.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 7 KB
2 KB 85ms
80ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a26faad0e000fc66242f75aff308c79232abb99cc2e6dab878c539de3ef8ae94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 22 Feb 2021 08:09:26 GMT
server: nginx
etag: W/"603366b6-1d5b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycletwo.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/js/ 48 KB
11 KB 89ms
84ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.js?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ebfeb891f4e96bbf2adf9436124bf49376afa5403c5c702fb2afa7f3b1d4c910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 19 Jun 2020 19:08:40 GMT
server: nginx
etag: W/"5eed0d38-c197"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycletwo.addons.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/js/ 9 KB
3 KB 90ms
85ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/testimonial-rotator/js/jquery.cycletwo.addons.js?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 969b2cd43674326bed5abfe780bb7604f30cbb7cac699b1fffe7360ce163c9c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 19 Jun 2020 19:08:40 GMT
server: nginx
etag: W/"5eed0d38-23bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.json.min.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 52ms
47ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-730"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gravityforms.min.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/ 43 KB
14 KB 53ms
48ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7524d490c61134e066b3cb0c7ee65a5d791c0f2ad7bfe20f64cae9025eb88c95

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-ad29"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 114ms
42ms Script
text/javascript 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&ver=6.0.2

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91b729f00e7b893e0b8158d9d786315ed01b763e6b1053d72e2d6abbb906f70e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 21:08:58 GMT

GET
H2 200 js.cookie.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/js/ 4 KB
2 KB 90ms
86ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/js/js.cookie.js?ver=1.0.3
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 26 Apr 2019 18:13:27 GMT
server: nginx
etag: W/"5cc34a47-f20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 et-divi-customizer-global.min.css
www2.webbernaturals.com/en-us/wp-content/et-cache/1/12/global/ 6 KB
2 KB 66ms
63ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/et-cache/1/12/global/et-divi-customizer-global.min.css?ver=1661994495
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29b9445dfd0bb95165e76f2542435847ff61d8cef44bca8fd9c2752844c837eb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Thu, 01 Sep 2022 01:08:15 GMT
server: nginx
etag: W/"631005ff-1850"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webber-naturals-logo.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2017/12/ 4 KB
4 KB 79ms
75ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2017/12/webber-naturals-logo.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d122f2b973f0ce48ab56ef2fdbb48f63332de427dfc58414490a435919b874d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:38:48 GMT
server: nginx
etag: "5e45ec18-e9b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3739

GET
H2 200 mediaelementplayer-legacy.min.css
www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/ 11 KB
3 KB 40ms
40ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
etag: W/"5f735862-2bf8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-mediaelement.min.css
www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/ 4 KB
1 KB 76ms
76ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
etag: W/"5cfaccce-105a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 stickThis.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 726 B
550 B 50ms
44ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8fc646c9ba5a91dded24716aec18659da956f775f3342854241fad3a53340f70

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 22 Feb 2021 08:09:26 GMT
server: nginx
etag: W/"603366b6-2d6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm4wp-form-move-tracker.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
577 B 51ms
43ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.15
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:56:07 GMT
server: nginx
etag: W/"6255e767-5a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.min.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/js/ 41 KB
11 KB 53ms
45ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/js/slick.min.js
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 05 Feb 2020 18:34:25 GMT
server: nginx
etag: W/"5e3b0ab1-a3e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 site.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/js/ 4 KB
2 KB 54ms
46ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/js/site.js?ver=20181118
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2b9decde54503efb62eafe0417f7a632658a767b1bf3ca6dedd418bffce2ab7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 05 Feb 2020 18:34:26 GMT
server: nginx
etag: W/"5e3b0ab2-e74"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.min.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/Divi/js/ 267 KB
60 KB 56ms
48ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e373889e048fa90cffa96d1332c52db160d24ce7a45fbce87327a1b62789bfb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-42a73"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-bundle.min.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/anythingslider-divi/scripts/ 799 B
619 B 58ms
50ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/anythingslider-divi/scripts/frontend-bundle.min.js?ver=1.6
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01029da61e6d0f7fb937fbd3a680a43fde5fd7b8d63c33f75d8d9d3502adf996

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Thu, 23 Apr 2020 01:15:29 GMT
server: nginx
etag: W/"5ea0ec31-31f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/vendor/ 6 KB
3 KB 59ms
51ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/vendor/ 19 KB
7 KB 60ms
52ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-4ac6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dom-ready.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/ 498 B
536 B 63ms
55ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-1f2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/ 5 KB
2 KB 63ms
56ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-132e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/ 10 KB
4 KB 64ms
57ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
server: nginx
etag: W/"625596ef-27ee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 a11y.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/dist/ 2 KB
1 KB 64ms
58ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-9cc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 placeholders.jquery.min.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 80ms
76ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.7
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 20:40:10 GMT
server: nginx
etag: W/"632b76aa-121f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 common.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/Divi/core/admin/js/ 1 KB
797 B 65ms
59ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-53f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fg-language-support-public.js Show response
www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/js/ 967 B
776 B 66ms
59ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/fg-language-support/public/js/fg-language-support-public.js?ver=1.0.3
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27503ddaec84374dc5ad660408f920cd53396e409b2d270cf756be84d4a9fdce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 26 Apr 2019 18:13:27 GMT
server: nginx
etag: W/"5cc34a47-3c7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mediaelement-and-player.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/ 154 KB
38 KB 66ms
60ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
etag: W/"5f735862-267aa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mediaelement-migrate.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/ 1 KB
759 B 66ms
60ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
etag: W/"625095f6-4a7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-mediaelement.min.js Show response
www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/ 906 B
684 B 67ms
61ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
etag: W/"60083196-38a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 salvattore.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
4 KB 67ms
62ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-217e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fitvids.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 68ms
62ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-d15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 easypiechart.js Show response
www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 9 KB
3 KB 49ms
44ms Script
application/javascript 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.8
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: W/"6215440d-2466"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
91 KB 131ms
60ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJBPQHG

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d24e751bb90d41ba88ce38ce55a38a038d5a67b765ef3224af9fdc3fde096e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 21:08:58 GMT

GET
H/1.1 200
OK st.js Show response
s.swiftypecdn.com/install/v2/ 416 KB
110 KB 81ms
12ms Script
text/javascript 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 046ebed195f3cf6307fac7f7424add330105fb27efdd4f7bae86f671bb29c25f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 21:08:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 6
X-Cache: HIT
Connection: keep-alive
Content-Length: 112251
X-Served-By: cache-yul12820-YUL
X-Timer: S1664399339.861370,VS0,VE1
ETag: "62cc4715-1b67b"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, public, max-age=300, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 flag-us.png
www2.webbernaturals.com/wp-content/themes/divi-language-tunnel/blocks/images/language-tunnel/ 11 KB
11 KB 80ms
77ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/wp-content/themes/divi-language-tunnel/blocks/images/language-tunnel/flag-us.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-content/et-cache/1/12/global/et-divi-customizer-global.min.css?ver=1661994495
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 085ba87f031e5e0f214f0639664d7ab891fd214c4c55d4b4a33949cd0586ab10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/wp-content/et-cache/1/12/global/et-divi-customizer-global.min.css?ver=1661994495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 15 Nov 2019 18:43:33 GMT
server: nginx
etag: "5dcef1d5-2c43"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11331

GET
H2 200 modules.ttf
www2.webbernaturals.com/en-us/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 80ms
78ms Font
application/octet-stream 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/style-static.min.css?ver=4.14.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://www2.webbernaturals.com/en-us/wp-content/themes/Divi/style-static.min.css?ver=4.14.8
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Tue, 22 Feb 2022 20:14:05 GMT
server: nginx
etag: "6215440d-168f0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92400

GET
H2 200 ProximaNova-Reg-webfont-1.ttf
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/et-fonts/ 49 KB
49 KB 85ms
83ms Font
application/octet-stream 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/et-fonts/ProximaNova-Reg-webfont-1.ttf
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd48137224e044b6ab3c88ab9913a94ef68b18192c2c78b06f0cb1532add1e76

Request headers

Referer: https://www2.webbernaturals.com/en-us/
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Thu, 12 Mar 2020 18:06:10 GMT
server: nginx
etag: "5e6a7a12-c4c4"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50372

GET
H2 200 Family-Icon-1.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/ 2 KB
2 KB 58ms
57ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/Family-Icon-1.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 93e7341b5998f2934033620754d7310914a0c651e0d068877068260b7c3bbc42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:39:22 GMT
server: nginx
etag: "5e45ec3a-723"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1827

GET
H2 200 Sustainability-Icon-1.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/ 2 KB
2 KB 54ms
40ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/Sustainability-Icon-1.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c587032520027584f9abe7845afe1e9242516dbe1d13a524cd11745409fcf13

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:39:22 GMT
server: nginx
etag: "5e45ec3a-763"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1891

GET
H2 200 RD-Icon.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/ 2 KB
2 KB 62ms
49ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/07/RD-Icon.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3718626b95a3a7a17eafc80c592985d5e53e1fcd971579d3e45a96daca348bf0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:39:22 GMT
server: nginx
etag: "5e45ec3a-8f0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2288

GET
H2 200 3279_WN_USAEHR.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/ 742 KB
743 KB 63ms
50ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/3279_WN_USAEHR.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a89beaadf9953c65c58f08575835047e9584d851dc35ecfe9ec93cb1c70dbe6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Tue, 07 Apr 2020 18:05:01 GMT
server: nginx
etag: "5e8cc0cd-b96ae"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 759470

GET
H2 200 5054_WN_USAEHR.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/ 753 KB
754 KB 63ms
50ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/5054_WN_USAEHR.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28a7fd8107e3934841f79c68e307eecf378da37d970824b5f4de8d374505f4c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Tue, 07 Apr 2020 17:49:07 GMT
server: nginx
etag: "5e8cbd13-bc44c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 771148

GET
H2 200 3808_WN_USAEHR.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/ 1 MB
1 MB 64ms
51ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/3808_WN_USAEHR.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33cf0cc839d21a448ef2afe8c19407bb2877f84d8e4cc2b7081f3404a5ae94d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Tue, 07 Apr 2020 18:03:13 GMT
server: nginx
etag: "5e8cc061-1160d0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1138896

GET
H2 200 wn-home-leaf-banner.jpg
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/01/ 87 KB
87 KB 42ms
40ms Image
image/jpeg 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/01/wn-home-leaf-banner.jpg
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6eca378f40199e69150e1b5f8ee4130aa718b99b6c4a6b2617bb865ed986d11d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:38:49 GMT
server: nginx
etag: "5e45ec19-15ace"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 88782

GET
H2 200 How-to-Eat-in-Fall-and-Winter-Traditional-Chinese-Medicine-768x480.jpg
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2016/11/ 51 KB
51 KB 51ms
46ms Image
image/jpeg 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2016/11/How-to-Eat-in-Fall-and-Winter-Traditional-Chinese-Medicine-768x480.jpg
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f55af0638f9533b4d3da6e334482541fba872a11f072748c661e3ab476e85b8f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
last-modified: Fri, 14 Feb 2020 00:38:48 GMT
server: nginx
etag: "5e45ec18-cc7b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 52347

GET
H2 200 style.min.css
www2.webbernaturals.com/en-us/wp-includes/css/dist/block-library/ 87 KB
12 KB 44ms
43ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:58 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK s6zuo7sXPdg82n-fRtsU.json Show response
s.swiftypecdn.com/install/v2/config/ 20 KB
5 KB 321ms
296ms XHR
application/json 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/s6zuo7sXPdg82n-fRtsU.json

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.143 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6dc7acc25d1001832826e95e47619f07872ed995f5fe1fe073327a3ff0940f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www2.webbernaturals.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Swiftype-Backend-Region: dal
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Age: 0
Status: 200 OK
Connection: keep-alive
X-Swiftype-Backend-Datacenter: dal10
X-Served-By: cache-yul12827-YUL
Referrer-Policy: strict-origin-when-cross-origin
X-Swiftype-Backend-Node: app-website02b.dal10
X-Timer: S1664399339.083109,VS0,VE286
ETag: W/"11754971ec22ebdd0a365288febc0862"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Vary: Accept-Encoding, Origin
X-Rack-Cache: pass
X-Cache-Hits: 0
Date: Wed, 28 Sep 2022 21:08:59 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: MISS
Content-Length: 4328
X-XSS-Protection: 1; mode=block
X-Request-Id: a61073945a65411797765507fed29bfe
X-Runtime: 0.072194
Last-Modified: Fri, 05 Jul 2019 19:02:24 GMT
X-Download-Options: noopen
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 21 KB
22 KB 70ms
21ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.webbernaturals.com/
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:41:10 GMT
x-content-type-options: nosniff
age: 174469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 20:41:10 GMT

GET
H2 200 Museo_Slab_500.otf
www2.webbernaturals.com/wp-content/uploads/sites/2/et-fonts/ 61 KB
61 KB 40ms
40ms Font
application/octet-stream 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/wp-content/uploads/sites/2/et-fonts/Museo_Slab_500.otf
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/main.css?ver=20200625
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b285af29d1fc1c13a29d7aa7e907d48eb3f82b396410874f8bec890c535718c

Request headers

Referer: https://www2.webbernaturals.com/en-us/wp-content/themes/webbernaturals/main.css?ver=20200625
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Tue, 30 Jan 2018 21:59:30 GMT
server: nginx
etag: "5a70eac2-f2e4"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62180

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 22 KB
22 KB 82ms
38ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.webbernaturals.com/
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:10:29 GMT
x-content-type-options: nosniff
age: 176310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22084
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 20:10:29 GMT

GET
H2 200 WN-blueberry-smoothie.jpg
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/07/ 82 KB
83 KB 40ms
40ms Image
image/jpeg 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/07/WN-blueberry-smoothie.jpg
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cfc8340169b69046bedd04fa39e9209257a5bf2307fa869edc7b25aadac16d29

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Wed, 22 Jul 2020 19:48:03 GMT
server: nginx
etag: "5f1897f3-149b4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84404

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 389 KB
156 KB 71ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.webbernaturals.com/
Origin: https://www2.webbernaturals.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 21:05:35 GMT

GET
H2 200 skin.css
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/skins/v6/ 6 KB
1 KB 40ms
40ms Stylesheet
text/css 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/skins/v6/skin.css
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25f4e79a4fa0b14b5c8f0f6420a993414b66bbae0f3b5294dc87ec329fb47810

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: W/"6255e73f-164a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 WN-blog-5-Essential-Nutrients-for-Your-Body-CAN-20150805-e1531412404575.jpg
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/12/ 29 KB
29 KB 40ms
40ms Image
image/jpeg 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2018/12/WN-blog-5-Essential-Nutrients-for-Your-Body-CAN-20150805-e1531412404575.jpg
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 841c97435eec7298609db62fd941f42706405fc24954dbb48757641a8f6e16f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Fri, 14 Feb 2020 00:39:28 GMT
server: nginx
etag: "5e45ec40-7266"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 29286

GET
H2 200 webber-naturals-logo-white-300x40.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2019/05/ 2 KB
2 KB 78ms
77ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2019/05/webber-naturals-logo-white-300x40.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed5a67b0a0df92331381cdd07b439e4a30e2e6c76ee4733bda85476fb501c68c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Fri, 14 Feb 2020 00:39:35 GMT
server: nginx
etag: "5e45ec47-7ea"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2026

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJBPQHG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 20:34:58 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2041
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 28 Sep 2022 22:34:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 72ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: USeJbcUuwVVzVCso0PQvROqnc+g1cr0Zk+vM62M5sDbQPHMa7BCjY4xylLoTF9o5Ur7BKZD3hLQOiws30bjbOA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 114ms
57ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJBPQHG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15699
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 21:08:59 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 124ms
34ms Script
application/javascript 185.167.164.47
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.47 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
server: nginx
x-amz-request-id: tx00000000000000299d45c-00633340c4-328fb259-default
etag: W/"64271612f9771203ff18d1de033d1b31"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
75 KB 44ms
43ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WWY5ELT4Y7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJBPQHG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53454f2bedb1ccee7f36a8eb8cd6eda905501be5b440bf3d2798f4c7b197155a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 21:08:59 GMT

GET
H2 200 launcher-v2.js Show response
omnisnippet1.com/inshop/ 56 KB
15 KB 78ms
36ms Script
application/javascript 2606:4700::6812:148a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/inshop/launcher-v2.js

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:148a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679fbb530d75150701e044c22e3f32684815e8e8401b032bbc0f7dbadc35b5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 2019
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Sep 2022 14:32:18 GMT
server: cloudflare
etag: W/"6329cef2-de42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 751f751eed71ca4f-YUL
expires: Wed, 28 Sep 2022 20:49:21 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8038 43 KB
23 KB 99ms
53ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj&co=aHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=wgvznuz67zr6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c45853cd167dccc8122777bb25f955cf20db14e97c32db902934958466e7210

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ManxeXKPvGTtnfhP70aPrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23154
content-security-policy: script-src 'report-sample' 'nonce-ManxeXKPvGTtnfhP70aPrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:08:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
analytics.google.com/g/ 0
353 B 75ms
32ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WWY5ELT4Y7&gtm=2oe9q0&_p=1805909400&_gaz=1&cid=599313823.1664399339&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664399339&sct=1&seg=0&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&dt=Home%20%7C%20Webber%20Naturals%20US&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_type=guest
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWY5ELT4Y7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.webbernaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
353 B 87ms
33ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WWY5ELT4Y7&cid=599313823.1664399339&gtm=2oe9q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWY5ELT4Y7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.webbernaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 109ms
38ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WWY5ELT4Y7&cid=599313823.1664399339&gtm=2oe9q0&aip=1&z=1399778614

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
33ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=1805909400&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Webber%20Naturals%20US&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAC~&jid=594924972&gjid=790613588&cid=599313823.1664399339&tid=UA-513731-2&_gid=684554756.1664399339&_r=1&gtm=2wg9q0WJBPQHG&z=1020955858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.webbernaturals.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.webbernaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK new_embed-91517c1e71e10890e4017d4c45b2dcd307c1d94998b851abdeefd8780de40d90.css
s.swiftypecdn.com/assets/ 89 KB
34 KB 11ms
11ms Stylesheet
text/css 151.101.192.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-91517c1e71e10890e4017d4c45b2dcd307c1d94998b851abdeefd8780de40d90.css
Requested by: Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91517c1e71e10890e4017d4c45b2dcd307c1d94998b851abdeefd8780de40d90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Cache-Hits: 54469
Date: Wed, 28 Sep 2022 21:08:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 2598265
X-Cache: HIT
Connection: keep-alive
Content-Length: 33983
X-Served-By: cache-yul12820-YUL
X-Timer: S1664399339.423336,VS0,VE0
ETag: "62b9d076-84bf"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Tue, 29 Aug 2023 19:24:34 GMT

GET
H3 200 1453545201494769 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 110ms
88ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1453545201494769?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af144d801e8f268d5be2cd3c58c288615d3bc91d62d0ce8c77a24c69262d529a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BdPvNEzD9el+ih23MDudgcTt8byyDrZwptB1Zup4wi9zP6MPEcJOo8o3tlyQZ7RTGwigIPkBz60ZVmktbjzjww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getSettings Show response
forms.soundestlink.com/REST/inShop/v1/ 7 KB
2 KB 134ms
89ms Script
application/json 2606:4700::6812:1b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www2.webbernaturals.com&shopType=api&brandID=610adccfca12af001aa93171

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/inshop/launcher-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83a19cc610ec4ba44c257648d9e37dd586ed575283840f4db56a562ac136b3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 21:08:59 GMT
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
x-envoy-upstream-service-time: 8
cf-ray: 751f751fc81e4bca-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 event
wt.soundestlink.com/REST/webTracking/v1/ 42 B
252 B 109ms
67ms Image
image/gif 2606:4700::6812:1a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wt.soundestlink.com/REST/webTracking/v1/event?timestamp=1664399339437&brandID=610adccfca12af001aa93171&shopType=api&shopHostname=www2.webbernaturals.com&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&title=Home%20%7C%20Webber%20Naturals%20US&anonymousID=nwqFxO7PB7oJMW-20220928210859&sessionID=ACnnFNuMKwINmP-20220928210859&type=pageview

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
content-type: image/gif
x-envoy-upstream-service-time: 1
cf-ray: 751f751fc9d37154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842512717/ 2 KB
2 KB 119ms
69ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842512717/?random=1664399339439&cv=9&fst=1664399339439&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&auid=844551895.1664399339&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee28e03b8f607089d34f9b9eb571966a5469cb952e421e28fbe5468df228453a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLm...

1 KB
1 KB

19ms
19ms

Script
text/javascript

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&loc=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d8b66b8bca26493903664c91cc3cdb87cd4dfef1631d0fc6180c9e0e980febd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1029
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&loc=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c698a536c0c176d91ae63d64f02939e0ed00922e77608a5db1636e7887372514

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 8038 52 KB
24 KB 61ms
20ms Stylesheet
text/css 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj&co=aHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=wgvznuz67zr6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 21:08:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 8038 389 KB
155 KB 60ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 20:59:32 GMT

GET
H2 200 icon-muted-white.png
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/img/ 4 KB
4 KB 41ms
40ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/img/icon-muted-white.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2fcb192d0b85ddff74aa60a001e7b3360bafe23b627ee02320e3fe7ad73cda2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: "6255e73f-fa8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4008

GET
H2 200 icon-unmuted-white.png
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/img/ 9 KB
9 KB 46ms
46ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/img/icon-unmuted-white.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1d43391b58fc3d272ccb086f29ad4d3ccf234b62ef03b365138749d72955468

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: "6255e73f-2250"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8784

GET
H2 200 WN-US-Probiotic-banner.png
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/ 1 MB
1 MB 42ms
41ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/WN-US-Probiotic-banner.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0e2e32cbc27b7b02542e1e4c61dbbf84076b4bc9af5c1bb75769801318097159

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Wed, 15 Apr 2020 21:30:55 GMT
server: nginx
etag: "5e977d0f-10034c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1049420

GET
H2 200 AM006733_Online-Homepage-Probiotics-900x900_E.jpg
www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/ 337 KB
338 KB 74ms
73ms Image
image/jpeg 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/uploads/sites/12/2020/04/AM006733_Online-Homepage-Probiotics-900x900_E.jpg
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4ec77d5712e2cd9e3d0ee8402d0396915d1c1e449bb90e6fd17cd4be5a616c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Thu, 23 Apr 2020 18:10:56 GMT
server: nginx
etag: "5ea1da30-54580"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 345472

GET
H2 200 nothumb.png
www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/skins/v6/ 2 KB
2 KB 74ms
73ms Image
image/png 104.198.49.12
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www2.webbernaturals.com/en-us/wp-content/plugins/LayerSlider/static/layerslider/skins/v6/nothumb.png
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.49.12 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 12.49.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b42ebd5cebe4a9c36cb82524df2d32247f94ee8a1dacf7a1d643ad6577f670b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
last-modified: Tue, 12 Apr 2022 20:55:27 GMT
server: nginx
etag: "6255e73f-66b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1643

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 85ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-513731-2&cid=599313823.1664399339&jid=594924972&gjid=790613588&_gid=684554756.1664399339&_u=YCDACEAABAAAAC~&z=2014416616

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.webbernaturals.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 21:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.webbernaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 222ms
47ms Image
image/gif 169.63.31.200
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=sqU-ntKBapbawJ3sJZLz&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 169.63.31.200 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c8.1f.3fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Sep 2022 21:08:59 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Expires: Wed, 28 Sep 2022 21:08:58 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame A6DE 2 KB
1 KB 33ms
29ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2080009&lid=98825884&ctype=0&media=0&PageName=.webbernaturals.com%2fen-us%2f&orderid=undefined&sysvars=%7corderid%3dundefined%7c%7c%7c%40%40%7cpid%3dundefined%7cpnm%3dundefined%7c&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&rnd=1280817975&cpref=&loc=https%3a%2f%2fwww2.webbernaturals.com%2fen-us%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

63b310a212c33f5b3fd16995f222985537f93a4ca57b96f96860ffe009a4f05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 21:08:59 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 7E9D 5 KB
2 KB 142ms
18ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2080009&ADFdivider=|&ord=81666295570&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&loc=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

079ed31d13d5fe823fefb4856ea1bd5c2a478cf54a0327d6f0efa74c80dfa644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 21:08:59 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 234ms
17ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=7440553897814294387&stamp=arlmsHFdaskDvP-67D9Y4w2

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 21:08:59 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3 200 /
www.google.com/pagead/1p-user-list/842512717/ 42 B
64 B 41ms
38ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842512717/?random=1664399339439&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&async=1&fmt=3&is_vtc=1&random=1337056362&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/842512717/ 42 B
64 B 84ms
40ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/842512717/?random=1664399339439&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&async=1&fmt=3&is_vtc=1&random=1337056362&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 forms.js Show response
omnisnippet1.com/inShop/ 130 KB
30 KB 126ms
104ms Script
application/javascript 2606:4700::6812:148a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/inShop/forms.js?v=2022-09-28T21

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/inshop/launcher-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:148a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99cc7ac752fd697b55c78d150709776abad54fb1ff7fff422e71522fb99b8dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 1199
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Sep 2022 14:32:18 GMT
server: cloudflare
etag: W/"6329cef2-206e2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 751f75207dc5714b-YUL
expires: Wed, 28 Sep 2022 21:17:44 GMT

GET
H3 200 647690209185016 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/647690209185016?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adcfd0d5c7462b8c043324efcb5da5c80e468b235f6218fa23cd9f9cbe1ac6cd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: eKr/q0mXK/WbnUm2y4H9GpxBjR9IJUhM/vOgGbGpRXFvnQbxZkH0UiPPPU6PaQjZ+pCFBJ6udKViwHbidQG/vA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
39ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-513731-2&cid=599313823.1664399339&jid=594924972&_u=YCDACEAABAAAAC~&z=631093989

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 46ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-513731-2&cid=599313823.1664399339&jid=594924972&_u=YCDACEAABAAAAC~&z=631093989

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8038 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8038 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8038 2 KB
2 KB 20ms
20ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 125289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 04 Oct 2022 10:20:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8038 15 KB
15 KB 61ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 120445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 11:41:34 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame A6DE 26 KB
10 KB 94ms
24ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2080009&lid=98825884&ctype=0&media=0&PageName=.webbernaturals.com%2fen-us%2f&orderid=undefined&sysvars=%7corderid%3dundefined%7c%7c%7c%40%40%7cpid%3dundefined%7cpnm%3dundefined%7c&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&rnd=1280817975&cpref=&loc=https%3a%2f%2fwww2.webbernaturals.com%2fen-us%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Oct 2022 21:08:59 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8038 102 B
134 B 38ms
37ms Other
text/javascript 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9d9b6ad855e3519a6e1855e246f96ed682cac5ef46de032038c949615d1f5c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj&co=aHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=wgvznuz67zr6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 21:08:59 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7E9D 0
261 B 18ms
17ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7E9D
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939

43 B
424 B

31ms
31ms

Image
image/gif

174.129.2.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 174.129.2.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-2-117.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 21:08:59 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=7440553897814294387&Expiration=1665608939
date: Wed, 28 Sep 2022 21:08:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7E9D 0
522 B 435ms
138ms Image
text/plain 23.78.208.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=7440553897814294387

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.78.208.213 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-78-208-213.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:00 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 27 Sep 2022 21:09:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7E9D 0
664 B 127ms
26ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7440553897814294387&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=7440553897814294387&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=39e3925fb3b745eab...
https://c1.adform.net/serving/cookie/match?party=9&uid=9c09034cd074958054c207826b0b70e802229fab821e23138eca42911405dc2f

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=9c09034cd074958054c207826b0b70e802229fab821e23138eca42911405dc2f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=9c09034cd074958054c207826b0b70e802229fab821e23138eca42911405dc2f
date: Wed, 28 Sep 2022 21:09:00 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=7440553897814294387&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=5182014013067990277

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=5182014013067990277

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=5182014013067990277
pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 7E9D
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1&verify=true

0
121 B

28ms
28ms

Image
text/plain

54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=7440553897814294387&_origin=1&verify=true
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 7E9D 43 B
755 B 367ms
19ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1664399340186003-249

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 7E9D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=7440553897814294387
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=7440553897814294387
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=42ecce68-56d7-4b50-8c63-1160209ad7b8

49 B
716 B

85ms
24ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=42ecce68-56d7-4b50-8c63-1160209ad7b8

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
content-type: image/gif;charset=iso-8859-1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5d5cf8576-j9s7g
expires: -1

Redirect headers

Location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=42ecce68-56d7-4b50-8c63-1160209ad7b8
Date: Wed, 28 Sep 2022 21:09:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E9D
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939&C=1

43 B
880 B

79ms
58ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5MB8E2FdXEq797FAopy%2F0LQu5cXtSuLxTmPU3b0nha57Wb1y%2BxS416Xixb5bUV%2BF1yUVR373FMF%2BbITTuNNO8Zefdrs%2FVSMVBNOX8yzVLzmk6xk90lVwjT21IKIdyBgysPaT7tCu2tpFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751f7522ed70a252-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:08:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ49VtAlOeKhqcebJnQ1hcB8SboaK93VjWmSsivJI6EjTzHsvM7GGjWlCQ4yHvENp3e8KvWXHq25qx%2FqcflCFL6O9L18ceWLXrLTFk9ZkIp%2FqQf8ExWtGJ7x7Zh572Ge0Jue18pFHzkGhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=7440553897814294387&expiration=1665608939&C=1
cache-control: no-cache
cf-ray: 751f75226a37a1f3-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 7E9D
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external

42 B
604 B

33ms
32ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:00 GMT
Frontend-ID: 14
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:08:59 GMT
Frontend-ID: 6
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=7440553897814294387&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 7E9D
Redirect Chain

https://ps.eyeota.net/match?uid=7440553897814294387&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=7440553897814294387&bid=9gdtmu1

70 B
440 B

25ms
25ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=7440553897814294387&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Sep 2022 21:09:00 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=7440553897814294387&bid=9gdtmu1
Date: Wed, 28 Sep 2022 21:09:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 7E9D 0
324 B 151ms
37ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 7E9D
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=7440553897814294387
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNzQ0MDU1Mzg5NzgxNDI5NDM4NxAAGg0I7O_SmQYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=ae04ed45cd9a0aeff839815f5f7cffa8d3fd7886fe32c9e75ad6ed21690383ae791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhZTA0ZWQ0NWNkOWEwYWVmZjgzOTgxNWY1ZjdjZmZhOGQzZmQ3ODg2ZmUzMmM5ZTc1YWQ2ZWQyMTY5MDM4M2FlNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhZTA0ZWQ0NWNkOWEwYWVmZjgzOTgxNWY1ZjdjZmZhOGQzZmQ3ODg2ZmUzMmM5ZTc1YWQ2ZWQyMTY5MDM4M2FlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7O_SmQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=e179733d-4d89-48a8-bc14-32991113d655

42 B
60 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=e179733d-4d89-48a8-bc14-32991113d655
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=e179733d-4d89-48a8-bc14-32991113d655
date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/ Frame 7E9D
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent=

49 B
545 B

54ms
53ms

Image
image/gif

34.200.191.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 34.200.191.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-191-187.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.45.49
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=7440553897814294387/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.13.180
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 7E9D 62 B
426 B 346ms
195ms Image
image/gif 104.76.100.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 28 Sep 2022 21:09:00 GMT
content-length: 62
content-type: image/gif

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 7E9D
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7440553897814294387
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7440553897814294387

43 B
61 B

56ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7440553897814294387
date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7E9D
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

311ms
106ms

Image
image/gif

52.218.90.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Server: 52.218.90.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 21:09:01 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: KC1H49FRGMMANYXY
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 0SEkSRG/L0vf6D0i6tNYaZraeX/qBOWarQc4unL2f9Sow/v6InEK1KRoKs6sLYM64+lAW8KpQ94=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 28 Sep 2022 21:08:59 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

33141
tags.bluekai.com/site/ Frame 7E9D
Redirect Chain

https://pixel.onaudience.com/?mapped=7440553897814294387&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be25c53d9fee0e78/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=501930c75165aa98d31a4737a29e7934&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=7fa4f2fee4635404

62 B
424 B

211ms
211ms

Image
image/gif

104.76.100.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=7fa4f2fee4635404
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 28 Sep 2022 21:09:00 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=7fa4f2fee4635404
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7E9D 0
338 B 91ms
24ms Image
text/plain 52.20.31.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.31.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-31-118.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-served-by: beacon-n017-ash-prod.krxd.net
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1664399340
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 7E9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzQ0MDU1Mzg5NzgxNDI5NDM4Nw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDry-nZVMB6wyUqOsF5GEYw&google_cver=1&google_ula=1641347,0

35 B
468 B

18ms
17ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDry-nZVMB6wyUqOsF5GEYw&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDry-nZVMB6wyUqOsF5GEYw&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 7E9D
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=5435012317982400214&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=7440553897814294387

43 B
1008 B

20ms
19ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=7440553897814294387

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

HTTP/1.1

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:00 GMT
AN-X-Request-Uuid: e3ecff11-f639-42e6-bc4f-909af72e0bbe
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=7440553897814294387
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7E9D 0
261 B 37ms
18ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7E9D 42 B
448 B 80ms
26ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Sep 2022 21:08:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 7E9D 43 B
444 B 124ms
19ms Image
image/gif 99.84.37.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-5.ewr52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 11:49:59 GMT
Via: 1.1 029793f26ddd2fb9f0b639d3d8690c5a.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: EWR52-C4
Age: 33541
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: JWLJKh1gY7tKpRm76acfueicNz9X5c9lfjbGT5xloFPVPkTOnRyofg==

GET
H/1.1

200

p
a.audrte.com/ Frame 7E9D
Redirect Chain

https://a.audrte.com/a?adform_uid=7440553897814294387
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEEVVobtU-ZSW3qpdwAQoxy4&google_cver=1
https://a.audrte.com/p

68 B
424 B

32ms
32ms

Image
image/png

18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=7440553897814294387&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=7440553897814294387&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=33554381566737319980389135008899173895&noredirect=1

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=33554381566737319980389135008899173895&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-2-v042-0340b19be.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: u45ajJa7SZI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=33554381566737319980389135008899173895&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7E9D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=7440553897814294387
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214740604288012850834

35 B
468 B

20ms
19ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214740604288012850834

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: BOS50-P2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214740604288012850834
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 9PuHzbYJ2s9Tii2_aDNKRysnaA_7720I6RG-FHTdgNinj-zt7oUeCQ==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7E9D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7148540732801218704

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7148540732801218704

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7148540732801218704
Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 7E9D 62 B
426 B 201ms
200ms Image
image/gif 104.76.100.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 28 Sep 2022 21:09:00 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=a0426334-b7ec-4300-890a-6285dcff5b42

35 B
468 B

19ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=a0426334-b7ec-4300-890a-6285dcff5b42

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: MT3 4525 e1952b7 master iad-pixel-x19 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=a0426334-b7ec-4300-890a-6285dcff5b42
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 28 Sep 2022 21:08:59 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=rc1YMWeM1ODEiE5

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=rc1YMWeM1ODEiE5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:08:59 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-00582209d6e31e562@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=rc1YMWeM1ODEiE5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7E9D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc

35 B
468 B

19ms
19ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame 7E9D
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=7440553897814294387
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7440553897814294387

0
421 B

556ms
122ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: HTTP/1.1
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:00 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: no-cache
X-Server: LAS02
Content-Length: 0
Expires: -1

Redirect headers

Date: Wed, 28 Sep 2022 21:08:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=7440553897814294387
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY05
Content-Length: 204

GET
H/1.1

200

3.gif
id5-sync.com/c/10/112/0/ Frame 7E9D
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=7440553897814294387
https://id5-sync.com/c/10/10/2/1.gif?puid=7440553897814294387&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=5435012317982400214&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/10/112/0/3.gif?puid=E7BF6EEB76D3F308&gdpr=0&gdpr_consent=

43 B
1 KB

99ms
99ms

Image
image/gif

141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/112/0/3.gif?puid=E7BF6EEB76D3F308&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

HTTP/1.1

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 28 Sep 2022 21:09:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:09:01 GMT
Frontend-ID: 14
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://id5-sync.com/c/10/112/0/3.gif?puid=E7BF6EEB76D3F308&gdpr=0&gdpr_consent=
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7E9D
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4060179214
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R7UvCqPCf33Uxk4xikv70.

35 B
468 B

19ms
18ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R7UvCqPCf33Uxk4xikv70.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
last-modified: Wed, 28 Sep 2022 21:09:00 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R7UvCqPCf33Uxk4xikv70.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7E9D 23 B
287 B 246ms
77ms Image
image/gif 104.76.105.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.105.133 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-105-133.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Wed, 28 Sep 2022 21:09:00 GMT
pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 7E9D
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387&cs=1

35 B
376 B

100ms
99ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=7440553897814294387&cs=1
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

sync
t.adx.opera.com/ Frame 7E9D
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=7440553897814294387
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=7440553897814294387&cookieCheck=1
https://t.adx.opera.com/sync?vendor=60139&uid=4d0ada22

35 B
463 B

320ms
98ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60139&uid=4d0ada22
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://t.adx.opera.com/sync?vendor=60139&uid=4d0ada22
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _eM5nrwGiVSnCEI1KrupUCXzU7Ltphjt2UEoJCu0CQLMACT3ZX_SgA==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7E9D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=7440553897814294387&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=7440553897814294387&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ea68e6d-bae0-4805-84da-18945c571c07%252Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=27a2657c-4fd7-4c9d-959e-0d0458e2d5dc&ttd_puid=6ea68e6d-bae0-4805-84da-18945c571c07%2Chttps%3A%2F%2Fc1.adform.net%2Fservin...
https://c1.adform.net/serving/cookie/match?party=2007&cid=6ea68e6d-bae0-4805-84da-18945c571c07

35 B
468 B

18ms
18ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=6ea68e6d-bae0-4805-84da-18945c571c07

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=6ea68e6d-bae0-4805-84da-18945c571c07
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 7440553897814294387
match.contentexchange.me/adform/ Frame 7E9D 0
49 B 379ms
119ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/7440553897814294387?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:01 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 7E9D 43 B
109 B 191ms
71ms Image
image/gif 52.1.222.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.222.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-222-188.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 7E9D
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=7440553897814294387&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=7440553897814294387&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

27ms
27ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=7440553897814294387&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=7440553897814294387&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 28 Sep 2022 21:09:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame 7E9D 43 B
120 B 110ms
26ms Image
image/gif 44.208.243.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=7440553897814294387
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-243-83.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7E9D 0
261 B 25ms
17ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=7440553897814294387&agencyId=7384&advertiserId=2071812&src=tp&rnd=724835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 200 626636748246843 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 69ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/626636748246843?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ae7cfe91c550c742d9344f024208c2afa88c869036c76625ace1e7b3aa062a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: z4uycc7b1v4m+8i3IBnvHgj3wO0Nx+CCCtMuyO2FIvXZevnHA5tXGoYHbjEDw9kDvwDflBKmqVDrJoste9wL4A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 73ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1453545201494769&ev=PageView&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&rl=&if=false&ts=1664399339801&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664399339800.2017689863&it=1664399339426&coo=false&rqm=GET

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 73ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=647690209185016&ev=PageView&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&rl=&if=false&ts=1664399339802&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&it=1664399339426&coo=false&rqm=GET

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 65E3 7 KB
1 KB 55ms
43ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f222be1098019a63fe0ef35f324f7e5e1e447b4d05dcc4db0d7218df1e6efae2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--XEh_X9onPgOBsoaJRHJCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce--XEh_X9onPgOBsoaJRHJCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:08:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 main.js Show response
omnisnippet1.com/forms/ 40 KB
13 KB 28ms
28ms Script
application/javascript 2606:4700::6812:148a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/forms/main.js?v=2022-09-28T21

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/inshop/launcher-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:148a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36d2f7636918082dc65828cbbbe55bbfe009aa4f057754f09a887ba38592e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 1199
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Sep 2022 13:57:10 GMT
server: cloudflare
etag: W/"6329c6b6-9fa5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 751f752228b0714b-YUL
expires: Wed, 28 Sep 2022 21:17:44 GMT

GET
H2 200 rules-p-nLv1wMtE1M0JG.js Show response
rules.quantcount.com/ Frame A6DE 271 B
754 B 223ms
72ms Script
application/javascript 2600:9000:24eb:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-nLv1wMtE1M0JG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24eb:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62488f1098fb97125b6361d8762d99e94fdc1b2f815bafb33b6a6dc826331ddf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:39:51 GMT
via: 1.1 0d2f3d5020df6d2cd55884d30644c368.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-P1
age: 1750
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 271
last-modified: Sat, 27 Aug 2022 10:05:00 GMT
server: AmazonS3
etag: "44d43af70793e4cf2fcc355d22055d9b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: GnRmLE1w7jhR9hG1IJCaZv8fjMXCSsQAWECMg-50PM9tw7m8ia6gew==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 42ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=626636748246843&ev=PageView&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&rl=&if=false&ts=1664399339900&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664399339800.2017689863&it=1664399339426&coo=false&rqm=GET

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Sep 2022 21:08:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 renderedForms Show response
forms.soundestlink.com/REST/forms/v1/ 2 B
323 B 100ms
83ms Fetch
application/json 2606:4700::6812:1b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/forms/v1/renderedForms?v=2022-09-28T21&brandID=610adccfca12af001aa93171

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/forms/main.js?v=2022-09-28T21

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1b30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
via: 1.1 google
cf-cache-status: MISS
strict-transport-security: max-age=15552000
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
last-modified: Wed, 28 Sep 2022 21:08:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
accept-ranges: bytes
cf-ray: 751f7522aa0a713c-YUL
expires: Fri, 28 Oct 2022 21:08:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 65E3 52 KB
24 KB 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 21:08:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 65E3 389 KB
155 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcY4kEaAAAAAH0APnUxk1lz3s8WlAFtUoZgMEEj

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 20:59:32 GMT

GET
H2 200 pixel
pxl.qccerttest.com/ Frame A6DE 35 B
550 B 190ms
56ms Image
image/gif 2600:9000:24eb:f200:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=667772045;fpan=1;fpa=P0-734466871-1664399340101;pbc=;ns=1;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww2.webbernaturals.com%2F;cm=;gdpr=0;d=a2.adform.net;dst=0;et=1664399340101;tzo=0;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2080009%26lid%3D98825884%26ctype%3D0%26media%3D0%26PageName%3D.webbernaturals.com%252fen-us%252f%26orderid%3Dundefined%26sysvars%3D%257corderid%253dundefined%257c%257c%257c%2540%2540%257cpid%253dundefined%257cpnm%253dundefined%257c%26itm%3DeyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ%26rnd%3D1280817975%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww2.webbernaturals.com%252fen-us%252f;ogl=

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2080009&lid=98825884&ctype=0&media=0&PageName=.webbernaturals.com%2fen-us%2f&orderid=undefined&sysvars=%7corderid%3dundefined%7c%7c%7c%40%40%7cpid%3dundefined%7cpnm%3dundefined%7c&itm=eyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ&rnd=1280817975&cpref=&loc=https%3a%2f%2fwww2.webbernaturals.com%2fen-us%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24eb:f200:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:14:35 GMT
via: 1.1 27d6451eef68b8beda74f9749214fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: BOS50-P1
age: 39266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: t6AabZfcMMjd4yk8aGTRQdGD4MymvmPnSJN5O__lZxpFSA7FoPcLmQ==

GET
H2 200 pixel;r=878159984;labels=_fp.event.PageView;rf=0;a=p-nLv1wMtE1M0JG;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2080009%26lid%3D98825884%26ctype%3D0%26media%3D0%26PageName%3D.web...
pixel.quantserve.com/ Frame A6DE 35 B
371 B 29ms
25ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=878159984;labels=_fp.event.PageView;rf=0;a=p-nLv1wMtE1M0JG;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2080009%26lid%3D98825884%26ctype%3D0%26media%3D0%26PageName%3D.webbernaturals.com%252fen-us%252f%26orderid%3Dundefined%26sysvars%3D%257corderid%253dundefined%257c%257c%257c%2540%2540%257cpid%253dundefined%257cpnm%253dundefined%257c%26itm%3DeyJzbCI6InVuZGVmaW5lZCIsImlkIjoidW5kZWZpbmVkIiwic3YxIjoiaHR0cHM6Ly93d3cyLndlYmJlcm5hdHVyYWxzLmNvbS9lbi11cy8iLCJpdG1zIjpbeyJwaWQiOiJ1bmRlZmluZWQiLCJwbm0iOiJ1bmRlZmluZWQiLCJwc2wiOiJ1bmRlZmluZWQiLCJwY250IjoidW5kZWZpbmVkIn1dfQ%26rnd%3D1280817975%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww2.webbernaturals.com%252fen-us%252f;ref=https%3A%2F%2Fwww2.webbernaturals.com%2F;uht=2;fpan=0;fpa=P0-734466871-1664399340101;pbc=;ns=1;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=a2.adform.net;dst=0;et=1664399340104;tzo=0;ogl=;ses=f48bc3c7-e833-4890-ac7f-58a3a01291e2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 track.gif
monitoring.getelevar.com/ 26 B
517 B 89ms
56ms Image
image/gif 34.102.157.158
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-WJBPQHG&idx=0&event_name=gtm.js&variable_name=dlv%20-%20Thank%20You%20Page%20-%20Order%20ID&channels=&tag_names=&dlKey=ecommerce.purchase.actionField.id&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.157.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 158.157.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
x-guploader-uploadid: ADPycduG5tlhHar0m951K2vWngD27Y-8w4eOujQD_iQn107lJP42cSuGWkPa8OwJAEDXDCrwdhz7tAEc3L_k-Io5ZRFrr2LJVWU_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
server: UploadServer
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 26
accept-ranges: bytes
expires: Wed, 28 Sep 2022 22:09:00 GMT

GET
H2 200 track.gif
monitoring.getelevar.com/ 26 B
180 B 93ms
60ms Image
image/gif 34.102.157.158
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-WJBPQHG&idx=1&event_name=gtm.js&variable_name=dlv%20-%20Thank%20You%20Page%20-%20Order%20Revenue&channels=&tag_names=&dlKey=ecommerce.purchase.actionField.revenue&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F
Requested by: Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.157.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 158.157.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:09:00 GMT
x-guploader-uploadid: ADPycdtckwuMNUYGGA33PT8_dFCBhoDbZBhMEXoLyLxFPEKju8XEiD8-pA8TKuU-68-I6esvb3nXNFCNL3PTzaBQDsC1XAd17EHY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
server: UploadServer
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 26
accept-ranges: bytes
expires: Wed, 28 Sep 2022 22:09:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9D39 0
15 B 19ms
18ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www2.webbernaturals.com
Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www2.webbernaturals.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:09:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2B4F 0
15 B 19ms
18ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www2.webbernaturals.com
URL: https://www2.webbernaturals.com/en-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www2.webbernaturals.com
Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www2.webbernaturals.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:09:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/conv123/ 2 KB
1 KB 131ms
88ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/conv123/?random=1664399341285&cv=9&fst=1664399341285&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&auid=844551895.1664399339&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ccdd3b7f6321bfa7dfd02618f1f7101ed33b2970a0a93be72ec75bb3d45bd61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 302ms
84ms Script
application/javascript 2600:141b:9000:59c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJBPQHG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:59c::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dbcef3b5ce770e8a3e8350473f04fbe627a78fa93a4441a24afec965643733e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "cd5f811dc7c19de8566479150bc37ef8"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1805909400&t=timing&_s=2&dl=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Webber%20Naturals%20US&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3400&pdt=25&dns=182&rrt=304&srt=56&tcp=119&dit=1231&clt=1232&_gst=1392&_gbt=1529&_cst=911&_cbt=1285&_u=YCDACEABBAAAAC~&jid=&gjid=&cid=599313823.1664399339&tid=UA-513731-2&_gid=684554756.1664399339&gtm=2wg9q0WJBPQHG&z=1523204276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 18:54:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8045
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/conv123/ 42 B
64 B 40ms
40ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/conv123/?random=1664399341285&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&async=1&fmt=3&is_vtc=1&random=3445515280&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/conv123/ 42 B
64 B 39ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/conv123/?random=1664399341285&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F&tiba=Home%20%7C%20Webber%20Naturals%20US&async=1&fmt=3&is_vtc=1&random=3445515280&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.8f82d377.js Show response
s.pinimg.com/ct/lib/ 53 KB
18 KB 606ms
606ms Script
application/javascript 2600:141b:9000:59c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.8f82d377.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:59c::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f25f48fb8f5b3c62c284b36c633d0b6575511eb96bb76f690493a86a30523c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "f44d3b470ecae32816c8b1ddda910a57"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18620

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
491 B 81ms
27ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614101675242&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&cb=1664399342217
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pin-unauth: dWlkPVl6STNaalEyWmpBdFl6TTNaaTAwWmpoa0xUazBORE10TW1RME56UXhaRFpoT0dWaA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Wed, 28 Sep 2022 21:09:02 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.webbernaturals.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1386055237086732
content-length: 377
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
763 B 79ms
26ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614101675242&cb=1664399342218
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pin-unauth: dWlkPU5qZzJaVEJtWXpRdE5URmhaUzAwTmpjNExUa3dNR1F0WVdJeVl6WTROR000T1RZMQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Wed, 28 Sep 2022 21:09:02 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.webbernaturals.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-pinterest-rid: 2465079794234051
content-length: 377
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
95 B 79ms
29ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614101675242&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228f82d377%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664399342220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:02 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9603260070120940
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame D042 565 B
400 B 27ms
27ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www2.webbernaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 21:09:02 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1204642558749152

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
324 B 28ms
28ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614101675242&cb=1664399342218&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22aem_st%22%3A%22b221f0712b89851ac50d95b125b60f8ec585ad885334727240af150edaf79702%22%2C%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww2.webbernaturals.com%2Fen-us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228f82d377%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664399342309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www2.webbernaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:09:02 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 6062219590290951
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

307 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webbernaturals.com/	1970-01-20 08:29:35	Name: _gcl_au Value: 1.1.844551895.1664399339
.webbernaturals.com/	1970-01-20 15:55:59	Name: _ga_WWY5ELT4Y7 Value: GS1.1.1664399339.1.0.1664399339.60.0.0
.webbernaturals.com/	1970-01-20 15:55:59	Name: _ga Value: GA1.2.599313823.1664399339
.webbernaturals.com/	1970-01-20 06:21:25	Name: _gid Value: GA1.2.684554756.1664399339
.webbernaturals.com/	1970-01-20 06:19:59	Name: _gat_UA-513731-2 Value: 1
.www2.webbernaturals.com/	1969-12-31 23:59:59	Name: soundestID Value: 20220928210859-8XjSNHO2NNwgM9Z9H0iiOlnsTojZ1arhtaqne9xo1YLutLADf
.www2.webbernaturals.com/	1970-01-20 15:05:35	Name: omnisendAnonymousID Value: nwqFxO7PB7oJMW-20220928210859
.www2.webbernaturals.com/	1970-01-20 06:20:01	Name: omnisendSessionID Value: ACnnFNuMKwINmP-20220928210859
.adform.net/	1970-01-20 07:03:11	Name: C Value: 1
.adform.net/	1970-01-20 07:46:23	Name: uid Value: 7440553897814294387
.adform.net/	1970-01-20 06:21:25	Name: CM Value: 1\|1
.adform.net/	1970-01-20 06:40:08	Name: CM14 Value: 1664485739_1664399339_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 07:46:26	Name: uid Value: 7440553897814294387
.webbernaturals.com/	1970-01-20 08:29:35	Name: _fbp Value: fb.1.1664399339800.2017689863
.www2.webbernaturals.com/	1969-12-31 23:59:59	Name: soundest-views Value: 1
.360yield.com/	1970-01-20 08:29:35	Name: tuuid Value: 32cd7984-df7e-4744-b23f-7abe8ca37b07
.360yield.com/	1970-01-20 08:29:35	Name: tuuid_lu Value: 1664399339
.rubiconproject.com/	1970-01-20 15:05:35	Name: khaos Value: L8M4E5Y9-14-CP4C
.rubiconproject.com/	1970-01-20 15:05:35	Name: audit Value: 1\|BJIif3QGiERTS0wHl2JqT0RMOrIUudWv8t+770H0lWEeECEUBMheiqjxto1uKNo8EWyuGlgiGwxBK03vAHceEG4bn2cxl7tJUQJC++g2F5UoZoEx0q9fzfmR4y0KCnimX5rIA/EljOjyU9QaoXNThNzpQ7vzkXQ/
.casalemedia.com/	1970-01-20 15:05:35	Name: CMID Value: YzS364yGUMTrZGEX-oozxAAA
.casalemedia.com/	1970-01-20 08:29:35	Name: CMPS Value: 032
.casalemedia.com/	1970-01-20 08:29:35	Name: CMPRO Value: 032
.360yield.com/	1970-01-20 08:29:35	Name: um Value: !42,rS9NyKU.-OSJUeMfS6yaE-LpQzB8sOZRaZm4XbHJpJyq,1665608939
.360yield.com/	1970-01-20 08:29:35	Name: umeh Value: !42,0,1726607339,-1
.semasio.net/	1970-01-20 15:05:35	Name: SEUNCY Value: E7BF6EEB76D3F308
.casalemedia.com/	1970-01-20 08:29:35	Name: CMTS Value: 145
.yahoo.com/	1970-01-20 15:05:56	Name: A3 Value: d=AQABBOy3NGMCEAIDd48JDzO4f49CW1ef92cFEgEBAQEJNmM-YwAAAAAA_eMAAA&S=AQAAAs4M89PofxXox1MnvvnMrko
.bidswitch.net/	1970-01-20 15:05:35	Name: tuuid Value: 42ecce68-56d7-4b50-8c63-1160209ad7b8
.bidswitch.net/	1970-01-20 15:05:35	Name: c Value: 1664399340
.bidswitch.net/	1970-01-20 15:05:35	Name: tuuid_lu Value: 1664399340
.analytics.yahoo.com/	1970-01-20 15:05:35	Name: IDSYNC Value: 1760~27f9
.eyeota.net/	1970-01-20 15:05:35	Name: mako_uid Value: 18385ee7233-a40000010a5e11
.eyeota.net/	1970-01-20 06:19:59	Name: SERVERID Value: 24081~DM
.rlcdn.com/	1970-01-20 15:05:35	Name: rlas3 Value: 7LYhTXoICwB8bIy5D1ihlv4Z18gpvi3w10oYw78cZvk=
.smartadserver.com/	1970-01-20 15:48:47	Name: pid Value: 5182014013067990277
.smartadserver.com/	1970-01-20 15:48:47	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:05:35	Name: csync Value: 22:7440553897814294387
.quantserve.com/	1970-01-20 15:50:13	Name: mc Value: 6334b7ec-212c8-45d8d-86af6
.adscale.de/	1970-01-20 15:02:15	Name: uu Value: 39e3925fb3b745eab66518b7d128d206
.adscale.de/	1970-01-20 15:02:15	Name: cct Value: 1664399340104
.rlcdn.com/	1970-01-20 07:46:23	Name: pxrc Value: COzv0pkGEgUI6AcQABIFCOhHEAA=
.ads.stickyadstv.com/	1970-01-20 07:46:23	Name: uid-bp-617 Value: 7440553897814294387
.ads.stickyadstv.com/	1970-01-20 07:03:11	Name: UID Value: 0c385e83bc8bef627101bfd3bd86b74
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 9f43f5f9449f1483616ccb8d7cebf9a
.crwdcntrl.net/	1970-01-20 12:48:47	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 12:48:47	Name: _cc_id Value: 501930c75165aa98d31a4737a29e7934
.contextweb.com/	1970-01-20 14:58:23	Name: V Value: WPBFhYh2r62q
.contextweb.com/	1970-01-20 15:05:35	Name: pb_rtb_ev Value: 3-1gd4\|6zB.0.42ecce68-56d7-4b50-8c63-1160209ad7b8
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 0390a766ee014ce2
.openx.net/	1970-01-20 15:05:35	Name: i Value: 16059491-421b-4318-bba1-5a17b4d7e0f4\|1664399340
.ih.adscale.de/	1970-01-20 15:02:15	Name: tu Value: 4#4001927176#42~7440553897814294387~462333~0~0
.yieldlab.net/	1970-01-20 15:05:35	Name: id Value: 03058c7b-247e-473c-8f5f-04c85251769f
.adnxs.com/	1970-01-20 08:29:35	Name: uuid2 Value: 5435012317982400214
.krxd.net/	1970-01-20 10:39:11	Name: _kuid_ Value: PG1AqqV7
.doubleclick.net/	1970-01-20 15:41:35	Name: IDE Value: AHWqTUkO_KjyiEHNQCldrbe3rww1mwYSc_mF23VgRuXZE2VDtVlu_pieihVIFzEd9-Q
.pippio.com/	1970-01-20 15:05:35	Name: did Value: lIEZCMxgM0EiEDup
.pippio.com/	1970-01-20 15:05:35	Name: didts Value: 1664399340
.pippio.com/	1970-01-20 07:46:23	Name: nnls Value:
.pubmatic.com/	1970-01-20 07:03:11	Name: KRTBCOOKIE_391 Value: 22924-7440553897814294387&KRTB&23263-7440553897814294387
.pubmatic.com/	1970-01-20 07:03:11	Name: PugT Value: 1664399338
.adnxs.com/	1970-01-20 08:29:35	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E?`wrO'V!]tbPl1M66+q([OUf#$[Q4Q^-_'b%gOv]ChZ5?M5aaSc2U^-Ru3If)y3KL9D3I?+fA>xIo
.pippio.com/	1970-01-20 07:46:23	Name: pxrc Value: COzv0pkGEgQIAhAAEgYI7OsBEAA=
.demdex.net/	1970-01-20 10:39:11	Name: demdex Value: 33554381566737319980389135008899173895
.dpm.demdex.net/	1970-01-20 10:39:11	Name: dpm Value: 33554381566737319980389135008899173895
.adsrvr.org/	1970-01-20 15:05:35	Name: TDID Value: 27a2657c-4fd7-4c9d-959e-0d0458e2d5dc
.audrte.com/	1970-01-20 06:41:35	Name: arcki2 Value: h5cLSM9C9jXRoCXEwm4tCN3xQ!20220908!1664399340388
.audrte.com/	1970-01-20 06:41:35	Name: arcki2_adform Value: 7440553897814294387!20220908!1664399340389
.agkn.com/	1970-01-20 15:05:35	Name: ab Value: 0001%3A2jYyReqQhZVKLJOvWyseKFiN8W0hS4Ec
.linksynergy.com/	1970-01-20 15:05:35	Name: rmuid Value: e179733d-4d89-48a8-bc14-32991113d655
.linksynergy.com/	1970-01-20 15:05:35	Name: icts Value: 2022-09-28T21:09:00Z
.w55c.net/	1970-01-20 15:48:47	Name: wfivefivec Value: rc1YMWeM1ODEiE5
.onaudience.com/	1970-01-20 15:05:35	Name: cookie Value: be25c53d9fee0e78
.onaudience.com/	1970-01-20 06:21:25	Name: done_redirects104 Value: 1
.w55c.net/	1970-01-20 07:03:11	Name: matchadform Value: 5
.mathtag.com/	1970-01-20 15:45:54	Name: uuid Value: a0426334-b7ec-4300-890a-6285dcff5b42
.audrte.com/	1970-01-20 06:41:35	Name: arcki2_ddp Value: CAESEEVVobtU-ZSW3qpdwAQoxy4!20220908!1664399340576
.audrte.com/	1970-01-20 06:30:04	Name: arcki2_TTT Value: 1664399340577!h5cLSM9C9jXRoCXEwm4tCN3xQ!50#863#866#190#372#799#312#441#1498#1231#149#1626#1168#310#1748#1712#880#1464#1281#874#1686#738#1667#918#1205#629#1573#805#969#1455#1663#1787#146#271#1222#262#1230#722#1133#685#-1#1010#1761#1526#963#505#73#1427#15#546#532#-1#-1#1558#506#757#-1#1341#1031#1665#1654#626#1473#-1#1353#1702#1206#1073#1283#1717#-1#1236#1487#8#1005#1714#231#1585#933#1689#1012#306#1324#1393#1264#662#1788#1244#294
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vkrxoiiw0eziwloevgxpwikm
.smaato.net/	1970-01-20 06:50:13	Name: SCM Value: 4d0ada22
.onaudience.com/	1970-01-20 06:21:25	Name: done_redirects109 Value: 1
.adfarm1.adition.com/	1970-01-20 08:29:35	Name: UserID1 Value: 7148540732801218704
.smaato.net/	1970-01-20 06:35:06	Name: SCMop Value: 4d0ada22
.smaato.net/	1970-01-20 06:35:06	Name: SCM1001213 Value: 4d0ada22
.weborama.fr/	1970-01-20 15:45:54	Name: AFFICHE_W Value: f@p@1wXOASN-29
.tapad.com/	1970-01-20 07:46:23	Name: TapAd_TS Value: 1664399340693
.tapad.com/	1970-01-20 07:46:23	Name: TapAd_DID Value: 6ea68e6d-bae0-4805-84da-18945c571c07
.adsrvr.org/	1970-01-20 15:05:35	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiWqe-r9ueQOxAFGAEgASgCMgsIlqHy2IzokDsQBTgBWgV0YXBhZGAC
.teads.tv/	1970-01-20 15:04:08	Name: tt_viewer Value: 1c31af41-cb73-49de-91d3-4e8ed6731653
.tapad.com/	1970-01-20 07:46:23	Name: TapAd_3WAY_SYNCS Value: 1!6525
.id5-sync.com/	1970-01-20 06:19:59	Name: cf Value:
.id5-sync.com/	1970-01-20 06:19:59	Name: cip Value:
.id5-sync.com/	1970-01-20 06:19:59	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:19:59	Name: car Value:
.id5-sync.com/	1970-01-20 06:19:59	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:19:59	Name: callback Value:
.1dmp.io/	1970-01-20 15:05:35	Name: uid Value: c64246c0-3f71-11ed-8677-901b0e934d81
.3lift.com/	1970-01-20 08:29:35	Name: tluid Value: 3622690317824379948681
.id5-sync.com/	1970-01-20 08:29:35	Name: id5 Value: ee561884-0ef9-4623-b609-6d36afa29d4c#1664399340822#2
.adx.opera.com/	1970-01-20 07:03:11	Name: UID Value: 0b31215407b947778c134da50b9f2757
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cbsmt4ek3tflr3xx3nhmwhmm
.id5-sync.com/	1970-01-20 08:29:35	Name: 3pi Value: 112#1664399341217#1357742853#E7BF6EEB76D3F308\|2#1664399341082#-503338293#5435012317982400214\|10#1664399340924#1719455204#7440553897814294387
.www2.webbernaturals.com/	1970-01-20 15:05:35	Name: _pin_unauth Value: dWlkPVl6STNaalEyWmpBdFl6TTNaaTAwWmpoa0xUazBORE10TW1RME56UXhaRFpoT0dWaA
.ct.pinterest.com/	1970-01-20 15:05:35	Name: _pinterest_ct_ua Value: "TWc9PSZ4ZXJoOGhlSnRlWi9RRTQ3aU91SzRsUUpoSDkzd1NmUzZ5aGVmbDd1YkhBUDdWS01pamNuMFhWWkh0cTBCb3VFeWtsamt0NEVQeVJvalNEK1hzSVF0NmM4RGlqS0ZXWHluVHZGTjZodlZ3TT0mNlYxajhmanJZMFdpV0h0Uzd1Ny82MXFaMnJVPQ=="

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
analytics.google.com
api.adrtx.net
beacon.krxd.net
bh.contextweb.com
bpi.rtactivate.com
c1.adform.net
cc.swiftype.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.gstatic.com
forms.soundestlink.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ib.mookie1.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
monitoring.getelevar.com
netdna.bootstrapcdn.com
omnisnippet1.com
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
pxl.qccerttest.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.pinimg.com
s.swiftypecdn.com
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
t.adx.opera.com
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
webbernaturals.com
wt.soundestlink.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.webbernaturals.com
www2.webbernaturals.com
x.bidswitch.net
104.18.18.126
104.198.49.12
104.76.100.229
104.76.105.133
107.178.246.49
107.178.254.65
141.94.171.212
141.95.33.111
142.250.65.162
142.251.40.194
151.101.128.84
151.101.192.143
169.63.31.200
174.129.2.117
18.161.34.7
18.210.31.151
185.167.164.37
185.167.164.43
185.167.164.47
185.167.164.49
198.148.27.139
199.187.193.193
2001:4860:4802:38::181
23.52.161.201
23.78.208.213
2600:141b:9000:59c::1931
2600:9000:210b:4a00:d:9072:7e80:93a1
2600:9000:2209:1200:1b:5138:8a40:93a1
2600:9000:24eb:2600:6:44e3:f8c0:93a1
2600:9000:24eb:f200:11:615:7240:93a1
2606:4700::6812:148a
2606:4700::6812:1a30
2606:4700::6812:1b30
2606:4700::6812:acf
2607:f8b0:4004:c09::9c
2607:f8b0:4006:80b::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2003
2620:116:800b:21:c1e8:5385:5098:6bf0
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.220.73.72
3.248.26.101
3.33.220.150
34.102.157.158
34.200.191.187
34.229.3.43
34.98.64.218
34.98.67.3
35.190.24.218
35.190.60.146
35.211.178.172
35.71.139.29
44.208.243.83
46.19.11.36
50.57.31.206
52.1.222.188
52.20.31.118
52.218.90.19
52.29.117.164
52.3.138.212
54.175.87.114
54.85.212.104
63.251.28.234
64.58.232.177
68.67.179.166
69.169.86.38
78.46.100.125
8.28.7.83
8.43.72.98
82.145.213.8
85.114.159.93
99.84.37.5
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
01029da61e6d0f7fb937fbd3a680a43fde5fd7b8d63c33f75d8d9d3502adf996
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
046ebed195f3cf6307fac7f7424add330105fb27efdd4f7bae86f671bb29c25f
079ed31d13d5fe823fefb4856ea1bd5c2a478cf54a0327d6f0efa74c80dfa644
085ba87f031e5e0f214f0639664d7ab891fd214c4c55d4b4a33949cd0586ab10
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d17fc85d22eb1f6c056ea79c018062eda0f312350c68c836364dc082b9a06bc
0d5d31daf049b4444184f5a7dab253c49bf1ba86b1ce5e182c0ca99dae382804
0e2e32cbc27b7b02542e1e4c61dbbf84076b4bc9af5c1bb75769801318097159
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1791c919c7fa56c1612c0a092d2a172deb241e373562eda9991936a4f35d04e5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c587032520027584f9abe7845afe1e9242516dbe1d13a524cd11745409fcf13
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
25f4e79a4fa0b14b5c8f0f6420a993414b66bbae0f3b5294dc87ec329fb47810
25fb9eeb871aca7cbbfd071c2516ffd6cdb4342afc0020e0c7fd0f63fe9bb208
27503ddaec84374dc5ad660408f920cd53396e409b2d270cf756be84d4a9fdce
28a7fd8107e3934841f79c68e307eecf378da37d970824b5f4de8d374505f4c2
29b9445dfd0bb95165e76f2542435847ff61d8cef44bca8fd9c2752844c837eb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33cf0cc839d21a448ef2afe8c19407bb2877f84d8e4cc2b7081f3404a5ae94d7
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
3718626b95a3a7a17eafc80c592985d5e53e1fcd971579d3e45a96daca348bf0
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85
3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293
3b70551fc9dd20fce8a615d7556323cd52bacd97b0cb24c726feafe5f061504a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a89beaadf9953c65c58f08575835047e9584d851dc35ecfe9ec93cb1c70dbe6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25f48fb8f5b3c62c284b36c633d0b6575511eb96bb76f690493a86a30523c0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53454f2bedb1ccee7f36a8eb8cd6eda905501be5b440bf3d2798f4c7b197155a
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
62488f1098fb97125b6361d8762d99e94fdc1b2f815bafb33b6a6dc826331ddf
63b310a212c33f5b3fd16995f222985537f93a4ca57b96f96860ffe009a4f05e
679fbb530d75150701e044c22e3f32684815e8e8401b032bbc0f7dbadc35b5fd
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d1beb976b79fed135b444a99d9f60c4d116ad5357ff1a72510405eb98cc8f52
6d8b66b8bca26493903664c91cc3cdb87cd4dfef1631d0fc6180c9e0e980febd
6dc7acc25d1001832826e95e47619f07872ed995f5fe1fe073327a3ff0940f5b
6eca378f40199e69150e1b5f8ee4130aa718b99b6c4a6b2617bb865ed986d11d
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
708f4dfa4f2359d4b025a53ba593a1042c47d52d4d995537d447ebc144a26537
7524d490c61134e066b3cb0c7ee65a5d791c0f2ad7bfe20f64cae9025eb88c95
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b42ebd5cebe4a9c36cb82524df2d32247f94ee8a1dacf7a1d643ad6577f670b
7ccdd3b7f6321bfa7dfd02618f1f7101ed33b2970a0a93be72ec75bb3d45bd61
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
82b4bfdd561cfb7f196f08a0b327ce23e2684359daa3e2d98a751c021138e844
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a19cc610ec4ba44c257648d9e37dd586ed575283840f4db56a562ac136b3c8
841c97435eec7298609db62fd941f42706405fc24954dbb48757641a8f6e16f3
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8ae7cfe91c550c742d9344f024208c2afa88c869036c76625ace1e7b3aa062a1
8b285af29d1fc1c13a29d7aa7e907d48eb3f82b396410874f8bec890c535718c
8c45853cd167dccc8122777bb25f955cf20db14e97c32db902934958466e7210
8d122f2b973f0ce48ab56ef2fdbb48f63332de427dfc58414490a435919b874d
8fc646c9ba5a91dded24716aec18659da956f775f3342854241fad3a53340f70
91517c1e71e10890e4017d4c45b2dcd307c1d94998b851abdeefd8780de40d90
91b729f00e7b893e0b8158d9d786315ed01b763e6b1053d72e2d6abbb906f70e
93e7341b5998f2934033620754d7310914a0c651e0d068877068260b7c3bbc42
969b2cd43674326bed5abfe780bb7604f30cbb7cac699b1fffe7360ce163c9c1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26faad0e000fc66242f75aff308c79232abb99cc2e6dab878c539de3ef8ae94
a9d9b6ad855e3519a6e1855e246f96ed682cac5ef46de032038c949615d1f5c0
adcfd0d5c7462b8c043324efcb5da5c80e468b235f6218fa23cd9f9cbe1ac6cd
af144d801e8f268d5be2cd3c58c288615d3bc91d62d0ce8c77a24c69262d529a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332
c2fcb192d0b85ddff74aa60a001e7b3360bafe23b627ee02320e3fe7ad73cda2
c36d2f7636918082dc65828cbbbe55bbfe009aa4f057754f09a887ba38592e34
c698a536c0c176d91ae63d64f02939e0ed00922e77608a5db1636e7887372514
c99cc7ac752fd697b55c78d150709776abad54fb1ff7fff422e71522fb99b8dd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc8340169b69046bedd04fa39e9209257a5bf2307fa869edc7b25aadac16d29
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d24e751bb90d41ba88ce38ce55a38a038d5a67b765ef3224af9fdc3fde096e47
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dbcef3b5ce770e8a3e8350473f04fbe627a78fa93a4441a24afec965643733e8
dd48137224e044b6ab3c88ab9913a94ef68b18192c2c78b06f0cb1532add1e76
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e373889e048fa90cffa96d1332c52db160d24ce7a45fbce87327a1b62789bfb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a
ebfeb891f4e96bbf2adf9436124bf49376afa5403c5c702fb2afa7f3b1d4c910
ecd8da02fc2e8156d9403ee0c2b6fa9101bb70ed5ace1a1e682ae41c5e5e8069
ed5a67b0a0df92331381cdd07b439e4a30e2e6c76ee4733bda85476fb501c68c
ee28e03b8f607089d34f9b9eb571966a5469cb952e421e28fbe5468df228453a
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d43391b58fc3d272ccb086f29ad4d3ccf234b62ef03b365138749d72955468
f222be1098019a63fe0ef35f324f7e5e1e447b4d05dcc4db0d7218df1e6efae2
f2b9decde54503efb62eafe0417f7a632658a767b1bf3ca6dedd418bffce2ab7
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f55af0638f9533b4d3da6e334482541fba872a11f072748c661e3ab476e85b8f
f5664ebe85adb158bfee2a03e94443ed0ceb23ac870b2ee917a4dd750429ddd3
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090
fef6d1fd3fe4b01f07b669cbd32fbf0eeb611bbd8df226e0ea303ad4aa1fa961
ff4ec77d5712e2cd9e3d0ee8402d0396915d1c1e449bb90e6fd17cd4be5a616c

www2.webbernaturals.com Open in urlscan Pro 104.198.49.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

84 %HTTPS

27 %IPv6

69 Domains

81 Subdomains

59 IPs

9 Countries

6248 kBTransfer

10475 kBSize

103 Cookies

2 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www2.webbernaturals.com Open in urlscan Pro
104.198.49.12 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

84 %
HTTPS

27 %
IPv6

69
Domains

81
Subdomains

59
IPs

9
Countries

6248 kB
Transfer

10475 kB
Size

103
Cookies

188 HTTP transactions
4 data transactions