urlscan.io logo urlscan.io
SecurityTrails logo

credit.kohls.com Open in urlscan Pro
66.22.20.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://activate.kohls.com/
Effective URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Submission: On July 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 32 HTTP transactions. The main IP is 66.22.20.103, located in United States and belongs to RADWARE-CLOUD-SERVICES, US. The main domain is credit.kohls.com. The Cisco Umbrella rank of the primary domain is 181299.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 6th 2024. Valid for: a year.
This is the only time credit.kohls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 10 66.22.20.103 25773 (RADWARE-C...)
13 2600:9000:214... 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 3 52.17.109.160 16509 (AMAZON-02)
1 104.16.184.241 13335 (CLOUDFLAR...)
2 172.217.18.2 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 54.72.248.35 16509 (AMAZON-02)
2 63.140.62.222 16509 (AMAZON-02)
1 1 34.255.95.127 16509 (AMAZON-02)
32 11
10    66.22.20.103 (United States)

ASN25773 (RADWARE-CLOUD-SERVICES, US)
activate.kohls.com
credit.kohls.com
13    2600:9000:214f:a00:0:ed0d:63c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3ksttzjeov72n.cloudfront.net
1    2600:9000:20ae:3800:1b:64b0:3080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstdata.com
3    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    2a02:26f0:480:d8f::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
02179914.akstat.io
3    52.17.109.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-109-160.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    104.16.184.241 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    54.72.248.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-248-35.eu-west-1.compute.amazonaws.com
kohls.demdex.net
2    63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
ww8.kohls.com
1    34.255.95.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-95-127.eu-west-1.compute.amazonaws.com
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
13 cloudfront.net
d3ksttzjeov72n.cloudfront.net
765 KB
12 kohls.com
activate.kohls.com
credit.kohls.com — Cisco Umbrella Rank: 181299
ww8.kohls.com — Cisco Umbrella Rank: 47124
54 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
kohls.demdex.net — Cisco Umbrella Rank: 21819
4 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 428
65 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
432 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1522
c.go-mpulse.net — Cisco Umbrella Rank: 663
54 KB
1 akstat.io
02179914.akstat.io — Cisco Umbrella Rank: 87298
226 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1336
517 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 12339
362 B
1 firstdata.com
cdn.firstdata.com — Cisco Umbrella Rank: 125225
49 KB
32 10
Domain Requested by
13 d3ksttzjeov72n.cloudfront.net credit.kohls.com
d3ksttzjeov72n.cloudfront.net
9 credit.kohls.com 5 redirects d3ksttzjeov72n.cloudfront.net
3 dpm.demdex.net 1 redirects credit.kohls.com
3 assets.adobedtm.com credit.kohls.com
assets.adobedtm.com
2 ww8.kohls.com assets.adobedtm.com
2 securepubads.g.doubleclick.net d3ksttzjeov72n.cloudfront.net
1 02179914.akstat.io s.go-mpulse.net
1 cm.everesttech.net 1 redirects
1 kohls.demdex.net assets.adobedtm.com
1 c.go-mpulse.net s.go-mpulse.net
1 ipv4.icanhazip.com d3ksttzjeov72n.cloudfront.net
1 s.go-mpulse.net credit.kohls.com
1 cdn.firstdata.com credit.kohls.com
1 activate.kohls.com 1 redirects
32 14

This site contains links to these domains. Also see Links.

Domain
www.kohls.com
apply.kohls.com
Subject Issuer Validity Valid
credit.kohls.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-06 -
2025-07-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.firstdata.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-15 -
2025-06-26		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
icanhazip.com
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
ww8.kohls.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2025-01-26		 a year crt.sh

This page contains 3 frames:

Primary Page: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Frame ID: 5984C2A18B8A67EF7E5A220BBC766118
Requests: 29 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Frame ID: 4F8C7590832AB991CF8F474240585473
Requests: 2 HTTP requests in this frame

Frame: https://kohls.demdex.net/dest5.html?d_nsid=0
Frame ID: C13720CC24B54EE208B785BC50E02D44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eCustomer Service

Page URL History Show full URLs

  1. https://activate.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

32
Requests

88 %
HTTPS

42 %
IPv6

10
Domains

14
Subdomains

11
IPs

4
Countries

982 kB
Transfer

2976 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://activate.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696
Request Chain 19
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif HTTP 301
  • https://credit.kohls.com/ HTTP 303
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Request Chain 22
  • https://cm.everesttech.net/cm/dd?d_uuid=45398771329812574211382526404063049137 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoKT1QAAAKMPTANe
Request Chain 23
  • https://credit.kohls.com/favicon.ico HTTP 303
  • https://credit.kohls.com/404.html

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://activate.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
be3a7ee217350e5a1b40ba39016a2409fc35a286d1035f862c61236bb0cdf9a7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MTE3ZWQxNGEtN2U5Ny00MTRhLWFjOTQtNjIzNWZlNmViMDFl'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MTE3ZWQxNGEtN2U5Ny00MTRhLWFjOTQtNjIzNWZlNmViMDFl'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Mon, 01 Jul 2024 11:32:36 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Security-Policy
default-src 'none'
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jul 2024 11:32:36 GMT
Location
/ecs/auth/?cid=AAAA4151001
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d
bootstrap.min_4.6.0.css
d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/bootstrap.min_4.6.0.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qKHsUnnKFMZgAt9pGqwlddnt6MlR1sEr
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 06:43:36 GMT
last-modified
Thu, 08 Jun 2023 04:23:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
17341
x-amz-server-side-encryption
AES256
etag
W/"258faa3208373250ffe729418435d270"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
qcWDkh--zMQlI5oxVuTjQ4RPyw2aS2J7iohEAT90OZKjc5xcLqPgug==
fontawesome-all.min.css
cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/ 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/fontawesome-all.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:3800:1b:64b0:3080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
z0BouNAw_Ue0nfki3a47GipUh4LG9Ovr
date
Sun, 30 Jun 2024 13:21:09 GMT
via
1.1 7d775f7e444ed74169f0db8decde7d20.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 21:40:09 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
79888
x-amz-server-side-encryption
AES256
etag
"fa458861897529425cdf08dffe6146a4"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
49945
x-amz-cf-id
ZRipmoFPBtxMw4zAuD4zxSZjsjy47CS0mRT4HovV_y4XRHljDeCVfA==
launch-368ee32ad013.min.js
assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/ 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 19:31:19 GMT
server
AkamaiNetStorage
etag
"e1d1caa4e6875af89d97c9e38c650be6:1588620679.97007"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43291
expires
Mon, 01 Jul 2024 12:32:36 GMT
published_main_13.css
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/ 		1 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/published_main_13.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qBmca3nvlJBew.nyV4JoTL4LZHwO7Bp_
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 09:13:04 GMT
last-modified
Fri, 30 Jul 2021 14:03:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
8401
x-amz-server-side-encryption
AES256
x-amz-meta-x-amz-meta-title
/ecs/banks/AAAA4151001/templates/cfi/saved_main.css
vary
Accept-Encoding
etag
W/"3427d8d110efae5852b0b0560554321e"
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
1IgKHaVSAN04j3sGFwfoQrHdTfFO5Gmm38PM_OkK-44oau_nw6TC0g==
auth_styles.min.css
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/ 		741 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5SpuzghcFbjYOTXKrahJiNgeFrEJ7.tY
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 08:53:56 GMT
last-modified
Thu, 06 Jun 2024 04:40:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
12194
x-amz-server-side-encryption
AES256
etag
W/"3409f176cc52c33e4932747df37404d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
LzkeRX8r2zV3xluQwEJ4aMrSNj7ctnSm5yRATBj7ZQYTwAoz2_uF1g==
gpt.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79ee555e21c245f869ad87378cfa18fa3899717bd824fa6d7ac94782bb986cd6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
O5EXxPNcFzi8QclwQ8BK2ng30c2ktO1.
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 09:48:30 GMT
last-modified
Thu, 21 Mar 2024 02:18:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
7598
x-amz-server-side-encryption
AES256
etag
W/"71390372a2d74a968e48dd4d0d65557c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
32D7HCGulmyms6jfiLfD6MnSD-HJD4WjT0km38wF71bop6932Ufqvw==
auth-bundle.min.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/ 		1007 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfe4fc6f88c5c732ddee9b7269dd0f4b4c799971dcd32597dda2daae3334fb25

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
095avZQxQrZRPzwYxc1PCQY7QVsDQlh5
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 01:19:13 GMT
last-modified
Thu, 06 Jun 2024 04:40:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
45980
x-amz-server-side-encryption
AES256
etag
W/"7854acb679f9204af47824ef290a842e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5zQBmXTe8_0kwuhBHMLAFrdngSz8Nu-u5tyLrxFTMtp23WDPfAtzhA==
3H6HN-HCW87-4HZF3-YWYL6-C7HHH
s.go-mpulse.net/boomerang/ Frame 4F8C 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
br
last-modified
Sun, 05 May 2024 01:59:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
53410
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696
8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Server
52.17.109.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-109-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2d022ed24f6e3b13e9999fb3cdfbc714190a40817dc95a5412b19cf0c0b2f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v061-027e83d5a.edge-irl1.demdex.com 15 ms
pragma
no-cache
date
Mon, 01 Jul 2024 11:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
C+Doon7MQ3w=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
2372
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v061-05e7336b1.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 01 Jul 2024 11:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
26SUgatmRhs=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1719833556696
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 22:29:22 GMT
server
AkamaiNetStorage
etag
"42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13342
expires
Mon, 01 Jul 2024 12:32:36 GMT
/
ipv4.icanhazip.com/ 		14 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.184.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2ad622dd7ddd9c6624d07eea8d940f697f759907e4b4c889fdc54c0f171ce4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
89c613921f1e65d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
14
OpenSans-Regular.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Regular.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bhMbwpUWcqLtDOgd1mfKPZUQKvETAjyX
date
Sun, 30 Jun 2024 16:30:57 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
68500
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
96428
last-modified
Thu, 11 Aug 2022 04:32:04 GMT
server
AmazonS3
etag
"5a798cdadc7cd321e3f72425b70bface"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
uTlft6TA3HRycEEfdHXDC9WQudjgrOZodTbJ82bsSpfzy1yJBlMqAw==
OL_ENGINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_ENGINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BEmKnWNl75lQFiNSVWXt0ioKe672fz.P
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 06:02:28 GMT
last-modified
Wed, 09 Jun 2021 19:39:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
20533
x-amz-server-side-encryption
AES256
etag
W/"baabad5b06edc9b1df65a8f29d3ffe5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jG4ik3_bE_5aaf8Qb4haqtsDiipzYofFtKCtgrGsJdvprclM7Wq-qg==
OL_CONF_INLINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_CONF_INLINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5XI841_4pGVoFQ63A8UbHoqoM5f334jC
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Mon, 01 Jul 2024 06:02:28 GMT
last-modified
Wed, 09 Jun 2021 19:39:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
20533
x-amz-server-side-encryption
AES256
etag
W/"530d4cdedab8e19176884727de612674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TsN9GT76hotmfDjq9grd62_ip-0uiFXEhDQ6pVJ_MAnR4diz41eDSg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 		485 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
pragma
no-cache
server
cafe
etag
2983297436258324226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		262 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=credit.kohls.com
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
0ca6e3d341ef6d37f58c5458074552419259485305c0c97053ff2c0722c679a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
x-xss-protection
0
expires
Mon, 01 Jul 2024 11:32:36 GMT
AAAA4151001
credit.kohls.com/ecs/auth/api/config/ 		93 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/api/config/AAAA4151001?language=de_DE
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
b5f90551de93a24614ef0e4cb72303624cf4527433cc7816751a7f3a8568c104
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZmZhNjBmNTItMTFlMC00Y2IyLTk3NzQtMmVkNmU5MDc4MjVi'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
activityDateTime
2024-07-01T13:32:36+02:00
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
ipAddress
80.255.10.199
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
preferredLanguage
EN
Accept
application/json, text/plain, */*
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZmZhNjBmNTItMTFlMC00Y2IyLTk3NzQtMmVkNmU5MDc4MjVi'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Mon, 01 Jul 2024 11:32:37 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"17464-ESoBXScRbnotLTxyxjZ9BHiUDdo"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, no-store, must-revalidate
expires
-1d
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:36 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 22:29:23 GMT
server
AkamaiNetStorage
etag
"ded8555987db3b546f5ba6ed52f81b8d:1583879363.172979"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Mon, 01 Jul 2024 12:32:36 GMT
config.json
c.go-mpulse.net/api/ Frame 4F8C 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=3H6HN-HCW87-4HZF3-YWYL6-C7HHH&d=credit.kohls.com&t=5732779&v=1.792.0&if=&sl=0&si=00382b53-b500-45ff-bf14-224ce07b37f5-sfy02b&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,BFCache,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6f16d474eb50dd5a40f81a66427bf8325712975480fa238aa36a733dcebc60a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 11:32:37 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
1049
/
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Zjc2N2ZmZjAtYWZhYS00N2E1LWJjOTctMGU4MjIwYTc4NTU4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Zjc2N2ZmZjAtYWZhYS00N2E1LWJjOTctMGU4MjIwYTc4NTU4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Mon, 01 Jul 2024 11:32:37 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Content-Security-Policy
default-src 'none'
Date
Mon, 01 Jul 2024 11:32:37 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
/ecs/auth/?cid=AAAA4151001
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d
dest5.html
kohls.demdex.net/ Frame C137 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://kohls.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.248.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-248-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 01 Jul 2024 11:32:37 GMT
dcs
dcs-prod-irl1-1-v061-00fbad4e3.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 11:56:09 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
DVaUAKe/Qgw=
id
ww8.kohls.com/ 		48 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww8.kohls.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&mid=39024930291318000371875515021683080345&ts=1719833556970
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
e6ca757f18b44d573abd0c42de76469f9825b78fbd4b441c0277b889bd213f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 Jul 2024 11:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://credit.kohls.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZoKT1QAAAKMPTANe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=45398771329812574211382526404063049137
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoKT1QAAAKMPTANe
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoKT1QAAAKMPTANe
Protocol
H2
Server
52.17.109.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-109-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v061-00df4207c.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 01 Jul 2024 11:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
gDF4Yhn4QG0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoKT1QAAAKMPTANe
Date
Mon, 01 Jul 2024 11:32:37 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
404.html
credit.kohls.com/
Redirect Chain
  • https://credit.kohls.com/favicon.ico
  • https://credit.kohls.com/404.html
4 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/404.html
Protocol
HTTP/1.1
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
abd20c9bbf212d3a5a749574787358d7465d2616532bde8fa61fbd3e87da2d26
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-OXuAUhmbmLekGiVuYAE/Ig==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-OXuAUhmbmLekGiVuYAE/Ig==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Date
Mon, 01 Jul 2024 11:32:37 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-REQUEST-ID
5eb0a1ef-da90-46e0-a29f-61454a9d49c8
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Pragma
no-cache
Content-Security-Policy
frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-qBRFJ/Ha4HT7dYARGd8wkA==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Date
Mon, 01 Jul 2024 11:32:37 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Vary
Origin
X-Frame-Options
SAMEORIGIN
Location
/404.html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-REQUEST-ID
c8f45a4a-642d-4ef0-a45a-2fd7bc3be035
expires
-1d
s35449259769954
ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/s35449259769954?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=1%2F6%2F2024%2013%3A32%3A37%201%20-120&d.&nsid=0&jsonv=1&.d&mid=39024930291318000371875515021683080345&aamlh=6&ce=UTF-8&cdp=3&fpCookieDomainPeriods=3&pageName=credit%3Alogin&g=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&c.&k.&pageDomain=credit.kohls.com&.k&mcid.&version=4.6.0&icsmcvid=-false&mcidcto=-false&aidcto=-false&.mcid&.c&cc=USD&v0=AAAA4151001&products=%3Bproductmerch1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=external&c4=credit&c9=credit%7C&c18=mon%7Cweekday%7C01%3A00%20pm&v18=mon%7Cweekday%7C01%3A00%20pm&c22=2024-07-01&v22=desktop&v40=cloud17&c50=D%3Ds_tempsess&c53=D%3DpageName&c64=VisitorAPI%20Present&v68=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
2552e04f77b5e847bfd8c31931d368942395ef4fd1fcc67e07ce7e092809609d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-aam-tid
u9HiqsJKSVY=
date
Mon, 01 Jul 2024 11:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
8504
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v061-067025349.edge-irl1.demdex.com 5 ms
pragma
no-cache
last-modified
Tue, 02 Jul 2024 11:32:37 GMT
server
jag
etag
3693314443040456704-4618585081824568169
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 30 Jun 2024 11:32:37 GMT
OpenSans-SemiBold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-SemiBold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
EVuKfqftIUSq8D4VCw1jTX1jQKm5r5_K
date
Sun, 30 Jun 2024 17:22:31 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
65407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100256
last-modified
Thu, 11 Aug 2022 04:32:08 GMT
server
AmazonS3
etag
"096d8c73bb18e4328284f25138b47ac6"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
tmtQGYxT2yBsEjVHDJqhWcYPNs3OI1jSEsevve_YiWdlkQP-ILyD0w==
OpenSans-Bold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Bold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nUKUekj8ArdJHhoBL0vGfyN1uodHat23
date
Sun, 30 Jun 2024 17:22:31 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
65407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
103616
last-modified
Thu, 11 Aug 2022 04:31:43 GMT
server
AmazonS3
etag
"0062c34665a3fc0f2278cd4e955702ec"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
1YaEtxm8driudUbk3ANkh-zVv8ksJ7OHRz4uYFYvWRP9YhKNVBPIKw==
LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
OoGFlH5pOQnYl1Y8oka0OwHtpKMYun4T
date
Sun, 30 Jun 2024 15:35:22 GMT
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
71836
x-amz-server-side-encryption
AES256
etag
"d3ef2a1238f2c7a80fe17f03f277aacb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54955
x-amz-cf-id
KBsz7e51bbLDx5zFXrH7OZhRLNJodsnTsToBzYbZKHJM8v3-vVwFFw==
not-visible.svg
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/ 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/not-visible.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tQeT04l3xpkhZn0F0CCDj1tkPm_onaXR
date
Sun, 30 Jun 2024 15:35:22 GMT
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified
Thu, 11 Aug 2022 04:37:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
71836
x-amz-server-side-encryption
AES256
etag
"6fce3ff9699a8ccf4c184be7b2ae8e9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
992
x-amz-cf-id
PU0-MG01v8APutv-BhqxPsGpOtKDr-UpLZlqf9gxyFN0DHQBF_hfyg==
LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NhqLAlKuOQnJQapzoCD0jNza90AjFrK6
date
Sun, 30 Jun 2024 17:22:31 GMT
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
65407
x-amz-server-side-encryption
AES256
etag
"05406680debd225230e676efede11868"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6032
x-amz-cf-id
gnhtW4BDK2-MI4PVBfCW2LiFTtkfWCedhAZ4LLt_xOgG07p97l4PYw==
/
02179914.akstat.io/ 		0
226 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://02179914.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://credit.kohls.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 11:32:38 GMT
content-type
image/gif
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Mon, 01 Jul 2024 11:32:38 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| digitalData string| environment object| GLOBAL_VARIABLES object| googletag number| BOOMR_lstart object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| initializeEnv object| pagesForAbandonment function| shouldMonitorForAbandonment object| $env object| ggeac object| google_tag_data object| google_js_reporting_queue object| BOOMR object| BOOMR_mq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| OOo function| AppMeasurement_Module_AudienceManagement function| DIL number| BOOMR_onload string| s_tnt object| s_i_kohlscomprod number| BOOMR_configt function| startFeedback

41 Cookies

Domain/Path Name / Value
.kohls.com/ecs/auth Name: productnum
Value: 1
activate.kohls.com/ Name: __uzma
Value: 20d4d034-178c-474f-b4f0-d42b687b005f
activate.kohls.com/ Name: __uzmb
Value: 1719833555
activate.kohls.com/ Name: __uzme
Value: 7252
activate.kohls.com/ Name: __uzmc
Value: 707101093790
activate.kohls.com/ Name: __uzmd
Value: 1719833555
activate.kohls.com/ Name: __uzmf
Value: 7f6000b114202b-7013-40b1-871a-7ea4d3c531f617198335553600-ebdac58a965e83e910
activate.kohls.com/ Name: PLAY_SESSION
Value: d761c09a931d19afda0230e221873b82ea8d8f1b-ecs-csrf-value=6e985b35cbd5d527d81d84978507534d38681d9c-1719833555417-cc5745958e19967cb541d479
credit.kohls.com/ Name: __uzma
Value: 2be68d17-898e-4e4e-a3f3-56c5693aaf3d
credit.kohls.com/ Name: __uzmb
Value: 1719833555
credit.kohls.com/ Name: __uzme
Value: 8615
credit.kohls.com/ Name: clientId
Value: AAAA4151001
.demdex.net/ Name: demdex
Value: 45398771329812574211382526404063049137
.credit.kohls.com/ Name: AMCVS_F0EF5E09512D2CD20A490D4D%40AdobeOrg
Value: 1
.kohls.com/ Name: s_ecid
Value: MCMID%7C39024930291318000371875515021683080345
.credit.kohls.com/ Name: s_cmp
Value: AAAA4151001
.credit.kohls.com/ Name: gpv_v9
Value: credit%3Alogin
.credit.kohls.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZoKT1QAAAKMPTANe
.ww8.kohls.com/ Name: s_ecid
Value: MCMID%7C39024930291318000371875515021683080345
.dpm.demdex.net/ Name: dpm
Value: 45398771329812574211382526404063049137
.credit.kohls.com/ Name: AMCV_F0EF5E09512D2CD20A490D4D%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19906%7CMCMID%7C39024930291318000371875515021683080345%7CMCAAMLH-1720438356%7C6%7CMCAAMB-1720438356%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1719840757s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19913%7CvVersion%7C4.6.0
.agkn.com/ Name: ab
Value: 0001%3AW0eVuACZxlc9XOvo6XcD60c%2B2Eq3Y4gN
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
credit.kohls.com/ Name: __uzmd
Value: 1719833557
.doubleclick.net/ Name: IDE
Value: AHWqTUlzpsuKnL5stIMV_BAuQSrahgaHtG1Wg626hckURhzSBd2VZTbRNyIBOcr_CNk
credit.kohls.com/ Name: __uzmc
Value: 297902513740
credit.kohls.com/ Name: __uzmf
Value: 7f6000603cf80a-7c63-4f29-92ef-1e2e985eebdb17198335559901866-54529ce774c84e9d25
.kohls.com/ Name: uzmx
Value: 7f900095d99e4b-ef43-4445-b9ed-80ff145c7b891-17198335553602496-b48a85d4c6b6284428
.twitter.com/ Name: personalization_id
Value: "v1_g3lervwOWlmUXrsMf9wzlg=="
.credit.kohls.com/ Name: RT
Value: "z=1&dm=credit.kohls.com&si=6e8ad59d-33f7-4b3d-943e-596309a28a6a&ss=ly2whs0m&sl=1&tt=1ui&bcn=%2F%2F02179914.akstat.io%2F&ld=2mf"
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=60263F21B9D6F6"
.casalemedia.com/ Name: CMID
Value: ZoKT11VbLVEAADbOAx-ceQAA
.casalemedia.com/ Name: CMPS
Value: 5167
.casalemedia.com/ Name: CMPRO
Value: 5167
.eyeota.net/ Name: SERVERID
Value: 23604~DM
.owneriq.net/ Name: si
Value: Q7731199591022509425
.owneriq.net/ Name: p2
Value: adpq
.mxptint.net/ Name: mxpim
Value: R33645_117FA0BCA_1130AD83.1.00000000000000000000000000000000000000000000000000000000668293D8
.ipredictive.com/ Name: cu
Value: 24e0d314-95b0-4abb-9b45-7042908e9ba2|1719833560369
.demdex.net/ Name: dextp
Value: 21-1-1719833557130|60-1-1719833557230|358-1-1719833557331|477-1-1719833557432|601-1-1719833557533|640-1-1719833557633|771-1-1719833557738|822-1-1719833557839|992-1-1719833557949|1123-1-1719833558050|1083-1-1719833558151|1085-1-1719833558252|1086-1-1719833558353|1087-1-1719833558457|1088-1-1719833558557|903-1-1719833558664|20-1-1719833558766|3047-1-1719833558867|28645-1-1719833558967|23728-1-1719833559069|30064-1-1719833559169|30646-1-1719833559270|575-1-1719833559370|53196-1-1719833559471|49276-1-1719833559573|73426-1-1719833559677|75557-1-1719833559781|79908-1-1719833559884|2340-1-1719833560000|66757-1-1719833560101|121998-1-1719833560202|144230-1-1719833560304|144231-1-1719833560406|144232-1-1719833560507|144233-1-1719833560609|144234-1-1719833560715|144235-1-1719833560818|144236-1-1719833560919|144237-1-1719833561021

2 Console Messages

Source Level URL
Text
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 55)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MTE3ZWQxNGEtN2U5Ny00MTRhLWFjOTQtNjIzNWZlNmViMDFl'". Either the 'unsafe-inline' keyword, a hash ('sha256-Mt+wcEs3C65XzdkOyCLW0mqv2SvgbfZxTeO1YQC/BGA='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 55)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MTE3ZWQxNGEtN2U5Ny00MTRhLWFjOTQtNjIzNWZlNmViMDFl'". Either the 'unsafe-inline' keyword, a hash ('sha256-G+7b4GdUrsXJlO9Pce6VdhLp6fmmdQUFuzfS7aELdwo='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MTE3ZWQxNGEtN2U5Ny00MTRhLWFjOTQtNjIzNWZlNmViMDFl'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179914.akstat.io
activate.kohls.com
assets.adobedtm.com
c.go-mpulse.net
cdn.firstdata.com
cm.everesttech.net
credit.kohls.com
d3ksttzjeov72n.cloudfront.net
dpm.demdex.net
ipv4.icanhazip.com
kohls.demdex.net
s.go-mpulse.net
securepubads.g.doubleclick.net
ww8.kohls.com
104.16.184.241
172.217.18.2
2600:9000:20ae:3800:1b:64b0:3080:93a1
2600:9000:214f:a00:0:ed0d:63c0:21
2a02:26f0:3500:587::1e80
2a02:26f0:480:d8f::11a6
2a02:26f0:7100:59a::11a6
34.255.95.127
52.17.109.160
54.72.248.35
63.140.62.222
66.22.20.103
0ca6e3d341ef6d37f58c5458074552419259485305c0c97053ff2c0722c679a5
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844
1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e
2552e04f77b5e847bfd8c31931d368942395ef4fd1fcc67e07ce7e092809609d
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
6f16d474eb50dd5a40f81a66427bf8325712975480fa238aa36a733dcebc60a0
7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500
79ee555e21c245f869ad87378cfa18fa3899717bd824fa6d7ac94782bb986cd6
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199
aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6
abd20c9bbf212d3a5a749574787358d7465d2616532bde8fa61fbd3e87da2d26
adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c
b5f90551de93a24614ef0e4cb72303624cf4527433cc7816751a7f3a8568c104
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634
be3a7ee217350e5a1b40ba39016a2409fc35a286d1035f862c61236bb0cdf9a7
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
cc2ad622dd7ddd9c6624d07eea8d940f697f759907e4b4c889fdc54c0f171ce4
d2d022ed24f6e3b13e9999fb3cdfbc714190a40817dc95a5412b19cf0c0b2f12
dfe4fc6f88c5c732ddee9b7269dd0f4b4c799971dcd32597dda2daae3334fb25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ca757f18b44d573abd0c42de76469f9825b78fbd4b441c0277b889bd213f60
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe