www.ethelm.com Open in urlscan Pro
54.83.11.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bm5150.com/t/l?ssid=34146&subscriber_id=bicnfiqmkayuebmdpmqjdtqhwtkgben&delivery_id=bcgcdpwjdexwniqzrbqfbwo...
Effective URL:
https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Va...
Submission Tags: falconsandbox
Submission: On February 25 via api (February 25th 2021, 3:01:17 am UTC) from US

Summary HTTP 160 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 74 IPs in 10 countries across 78 domains to perform 160 HTTP transactions. The main IP is 54.83.11.155, located in United States and belongs to AMAZON-AES, US. The main domain is www.ethelm.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 30th 2020. Valid for: a year.

This is the only time www.ethelm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.27.63.18 216.27.63.18	7349 (AS-TIERP-...) (AS-TIERP-7349)
3	54.83.11.155 54.83.11.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
17	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::1a43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::6815:2430	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.19.209.81 104.19.209.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.25.161 104.18.25.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a02:26f0:710... 2a02:26f0:7100:185::3a7c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	23.79.129.43 23.79.129.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
4	143.204.90.58 143.204.90.58	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
3 3	216.152.140.212 216.152.140.212	13768 (COGECO-PEER1) (COGECO-PEER1)
3	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
2 3	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1 3	99.80.128.92 99.80.128.92	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:4200:10:13ca:c600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:280::3a7c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.71.216 35.190.71.216	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	34.233.235.75 34.233.235.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 12	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	52.58.57.174 52.58.57.174	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.123.78.164 3.123.78.164	16509 (AMAZON-02) (AMAZON-02)
1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.57.47.211 52.57.47.211	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	52.49.114.167 52.49.114.167	16509 (AMAZON-02) (AMAZON-02)
4 4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2 3	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	18.202.184.10 18.202.184.10	16509 (AMAZON-02) (AMAZON-02)
1	52.218.89.195 52.218.89.195	16509 (AMAZON-02) (AMAZON-02)
1 2	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
1 1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
6 7	80.82.217.102 80.82.217.102	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	51.77.65.176 51.77.65.176	16276 (OVH) (OVH)
1 1	80.82.217.94 80.82.217.94	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	85.90.245.27 85.90.245.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.48.18.249 52.48.18.249	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.225.78.117 13.225.78.117	16509 (AMAZON-02) (AMAZON-02)
2 2	54.208.188.153 54.208.188.153	14618 (AMAZON-AES) (AMAZON-AES)
2 2	108.128.254.60 108.128.254.60	16509 (AMAZON-02) (AMAZON-02)
1 1	18.133.35.94 18.133.35.94	16509 (AMAZON-02) (AMAZON-02)
4	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
2 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
3 3	54.36.109.155 54.36.109.155	16276 (OVH) (OVH)
3 4	51.77.188.223 51.77.188.223	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.90.40 143.204.90.40	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	18.184.39.197 18.184.39.197	16509 (AMAZON-02) (AMAZON-02)
1	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
160	74

1 216.27.63.18 (Raleigh, United States) 1 redirects

ASN7349 (AS-TIERP-7349, US)
PTR: bronto.com

bm5150.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.83.11.155 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-11-155.compute-1.amazonaws.com

www.ethelm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:6c00:2bf::1a43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-tp4.mozu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2430 (United States)

ASN13335 (CLOUDFLARENET, US)

load.fomo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.209.81 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.161 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:7100:185::3a7c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.79.129.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-129-43.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.90.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-58.fra50.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

4498545.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.152.140.212 (Herndon, United States) 3 redirects

ASN13768 (COGECO-PEER1, CA)

centro.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.128.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:10:13ca:c600:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.linkstorm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdn.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:280::3a7c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snip.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.71.190.35.bc.googleusercontent.com

addstrap-ui.addshoppers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.233.235.75 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-235-75.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.57.174 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.78.164 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-78-164.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.254.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.47.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.114.167 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-114-167.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.207.148 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.184.10 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.236 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 80.82.217.102 (Düsseldorf, Germany) 6 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.176 (France) 1 redirects

ASN16276 (OVH, FR)

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.94 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.245.27 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-117.fra2.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.188.153 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.254.60 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.35.94 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Englewood, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.109.155 (France) 3 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.77.188.223 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip223.ip-51-77-188.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-40.fra50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.39.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adform.net 4 redirects a1.adform.net s2.adform.net c1.adform.net dmp.adform.net	37 KB
18	tiqcdn.com tags.tiqcdn.com	36 KB
17	mozu.com cdn-tp4.mozu.com	1 MB
13	bronto.com cdn.bronto.com snip.bronto.com	197 KB
10	doubleclick.net 7 redirects 4498545.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	5 KB
8	adsafety.net 7 redirects cm.adsafety.net tags.adsafety.net	15 KB
7	cookielaw.org cdn.cookielaw.org	130 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	semasio.net 4 redirects uipglob.semasio.net	3 KB
5	stackadapt.com tags.srv.stackadapt.com	7 KB
4	mediarithmics.com 3 redirects cookie-matching.mediarithmics.com	1 KB
4	exelator.com 3 redirects loadm.exelator.com load77.exelator.com loada.exelator.com	3 KB
4	adsrvr.org 3 redirects js.adsrvr.org match.adsrvr.org	4 KB
4	cloudfront.net d3rr3d0n31t48m.cloudfront.net	63 KB
4	shop.pe 1 redirects shop.pe shopper.shop.pe	25 KB
4	facebook.net connect.facebook.net	172 KB
3	id5-sync.com 3 redirects id5-sync.com	4 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	360yield.com 2 redirects ad.360yield.com ice.360yield.com	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	google.de www.google.de adservice.google.de	1 KB
3	google.com adservice.google.com analytics.google.com www.google.com	1 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net sync.crwdcntrl.net	965 B
3	sitescout.com pixel.sitescout.com	573 B
3	pixel.ad 3 redirects centro.pixel.ad	201 B
3	visa.com 2 redirects secure.checkout.visa.com assets.secure.checkout.visa.com	10 KB
3	ethelm.com www.ethelm.com	26 KB
2	3lift.com 1 redirects eb2.3lift.com	718 B
2	tapad.com 2 redirects pixel.tapad.com	926 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	579 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	913 B
2	smartstream.tv 2 redirects ads.smartstream.tv cm.smartstream.tv	1 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	openx.net 1 redirects eu-u.openx.net	470 B
2	bluekai.com tags.bluekai.com	1 KB
2	eyeota.net ps.eyeota.net	688 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	lijit.com 1 redirects ce.lijit.com	973 B
2	bidswitch.net 2 redirects x.bidswitch.net	841 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	679 B
2	adscale.de 2 redirects ih.adscale.de	656 B
2	facebook.com www.facebook.com	398 B
2	pinterest.com ct.pinterest.com	754 B
2	mparticle.com jssdkcdns.mparticle.com jssdkcdn.mparticle.com
2	pinimg.com s.pinimg.com	18 KB
2	googletagmanager.com www.googletagmanager.com	108 KB
1	materialdesignicons.com cdn.materialdesignicons.com	14 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	237 B
1	teads.tv sync.teads.tv	172 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	agkn.com 1 redirects aa.agkn.com	343 B
1	userreport.com pdw-adf.userreport.com	432 B
1	pubmatic.com simage2.pubmatic.com	974 B
1	krxd.net beacon.krxd.net	337 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	407 B
1	stickyadstv.com ads.stickyadstv.com	714 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	crazyegg.com script.crazyegg.com
1	bing.com bat.bing.com	9 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	addshoppers.com addstrap-ui.addshoppers.com	6 KB
1	linkstorm.net p.linkstorm.net	3 KB
1	yimg.com s.yimg.com	6 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	fomo.com load.fomo.com	20 KB
1	googleapis.com fonts.googleapis.com	571 B
1	bm5150.com 1 redirects bm5150.com	2 KB
0	angsrvr.com Failed sy.eu.angsrvr.com Failed
160	78

	Domain	Requested by
18	tags.tiqcdn.com	www.ethelm.com tags.tiqcdn.com
17	cdn-tp4.mozu.com	www.ethelm.com cdn-tp4.mozu.com
12	c1.adform.net	2 redirects a1.adform.net c1.adform.net
12	cdn.bronto.com	www.ethelm.com cdn.bronto.com
7	cm.adsafety.net	6 redirects c1.adform.net
7	cdn.cookielaw.org	www.ethelm.com cdn.cookielaw.org
6	cm.g.doubleclick.net	6 redirects
5	uipglob.semasio.net	4 redirects c1.adform.net
5	tags.srv.stackadapt.com	cdn.cookielaw.org tags.srv.stackadapt.com
4	cookie-matching.mediarithmics.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	d3rr3d0n31t48m.cloudfront.net	www.ethelm.com shop.pe
4	connect.facebook.net	www.ethelm.com cdn.cookielaw.org connect.facebook.net
3	id5-sync.com	3 redirects
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	match.adsrvr.org	3 redirects
3	www.google-analytics.com	cdn.cookielaw.org www.google-analytics.com
3	a1.adform.net	2 redirects www.ethelm.com
3	pixel.sitescout.com	www.ethelm.com
3	centro.pixel.ad	3 redirects
3	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net
3	www.ethelm.com	www.ethelm.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	ib.adnxs.com	2 redirects
2	pixel.onaudience.com	1 redirects c1.adform.net
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ce.lijit.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.facebook.com	www.ethelm.com
2	www.google.de	www.ethelm.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	ct.pinterest.com	s.pinimg.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	4498545.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	www.googletagmanager.com	www.ethelm.com www.googletagmanager.com
2	assets.secure.checkout.visa.com	1 redirects www.ethelm.com
1	cdn.materialdesignicons.com	cdn.bronto.com
1	shopper.shop.pe	shop.pe
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	www.google.com	www.ethelm.com
1	js.adsrvr.org	cdn.cookielaw.org
1	script.crazyegg.com	cdn.cookielaw.org
1	bat.bing.com	cdn.cookielaw.org
1	www.googleadservices.com	cdn.cookielaw.org
1	adservice.google.de	adservice.google.com
1	analytics.google.com	www.googletagmanager.com
1	addstrap-ui.addshoppers.com	shop.pe
1	adservice.google.com	4498545.fls.doubleclick.net
1	snip.bronto.com	tags.tiqcdn.com
1	jssdkcdn.mparticle.com	tags.tiqcdn.com
1	jssdkcdns.mparticle.com	tags.tiqcdn.com
1	p.linkstorm.net	tags.tiqcdn.com
1	bcp.crwdcntrl.net	tags.tiqcdn.com
1	s2.adform.net	www.ethelm.com
1	s.yimg.com	tags.tiqcdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	secure.checkout.visa.com	1 redirects
1	load.fomo.com	www.ethelm.com
1	fonts.googleapis.com	www.ethelm.com
1	bm5150.com	1 redirects
0	sy.eu.angsrvr.com Failed	c1.adform.net
160	98

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
wbiprod.storedvalue.com
www.mars.com
careers.mars.com
www.mms.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
ethelm.com DigiCert SHA2 Extended Validation Server CA	`2020-09-30` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
mozu.com DigiCert Secure Site ECC CA-1	`2020-10-12` - `2021-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
assets.secure.checkout.visa.com Cloudflare Inc ECC CA-3	`2020-10-22` - `2021-10-21`	a year	crt.sh
bronto.oracle.com DigiCert Secure Site ECC CA-1	`2020-03-09` - `2021-05-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-21` - `2021-04-06`	a month	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.linkstorm.net Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
jssdkcdn.mparticle.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.addshoppers.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-03` - `2021-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2021-05-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.eyeota.net R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
1605158521.rsc.cdn77.org R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2020-05-28` - `2021-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.mediarithmics.com Gandi Standard SSL CA 2	`2021-02-17` - `2022-03-01`	a year	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
s.ad.smaato.net Amazon	`2020-04-15` - `2021-05-15`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2020-05-22` - `2021-06-04`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.shop.pe RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-03` - `2021-10-02`	a year	crt.sh
cdn.materialdesignicons.com R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Frame ID: BAE7B2688B045E5FCF08816EAD9CC737
Requests: 112 HTTP requests in this frame

Frame: https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
Frame ID: C3B1A054837211B5D2D4C4C048ECA17D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
Frame ID: 51EEED2A89A0031EF00C2FDB0CAF24E0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
Frame ID: 964DE16E2D94E4657CAE4A17B1233A64
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Frame ID: B65E435522C5FBBB6D9D9A5742369938
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bm5150.com/t/l?ssid=34146&subscriber_id=bicnfiqmkayuebmdpmqjdtqhwtkgben&delivery_id=bcg... HTTP 307
https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

160
Requests

99 %
HTTPS

29 %
IPv6

78
Domains

98
Subdomains

74
IPs

10
Countries

1994 kB
Transfer

5739 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/EthelMChocolates
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/EthelMChocolate
Title:

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/echocolates/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ethelmchocolates/
Title:

Search URL Search Domain Scan URL

URL: https://wbiprod.storedvalue.com/WBI/lookupservlet?language=en&host=ethelm.com
Title: Check Gift Card Balance

Search URL Search Domain Scan URL

URL: http://www.mars.com/global/policies/privacy/pp-english.aspx
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.mars.com/global/policies/note-to-parents/np-english.aspx
Title: Note to Parents

Search URL Search Domain Scan URL

URL: http://www.mars.com/global/policies/legal/ld-english.aspx
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EthelMChocolates/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/ethelmchocolate?lang=en
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/echocolates/
Title:

Search URL Search Domain Scan URL

URL: https://careers.mars.com/global/en
Title: Careers

Search URL Search Domain Scan URL

URL: https://wbiprod.storedvalue.com/WBI/lookupservlet?language=en&host=ethelm.com&target=blank
Title: Gift Card Balance

Search URL Search Domain Scan URL

URL: https://www.mms.com/en-us/?utm_source=referral&utm_medium=ethelmwebsite&utm_campaign=footer
Title:

Search URL Search Domain Scan URL

URL: http://www.mars.com/global/index.aspx
Title:

Search URL Search Domain Scan URL

URL: https://www.mars.com/mars-incorporated-adchoices-united-states
Title: AdChoices

Search URL Search Domain Scan URL

URL: http://www.mars.com/global/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.mars.com/modern-slavery-act
Title: Modern Slavery Act

Search URL Search Domain Scan URL

URL: https://www.mars.com/cookies-english
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.mars.com/legal/ca-supply-chain-act
Title: CA Supply Chain Act

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bm5150.com/t/l?ssid=34146&subscriber_id=bicnfiqmkayuebmdpmqjdtqhwtkgben&delivery_id=bcgcdpwjdexwniqzrbqfbwolgpihbbl&td=mdDAZ9f4qFUukjI8IOeHIAKnlhqo9yT3LRc2quaANTlepGCb9e_iLwIS7Du6XyssixjyqHqFCRY24AHLu9M0i3QH_j3ixWX9ccoNHF6nHYmkFQyYRkwfcntdtq6mhMPEYHLyB7yPYU92msltfNglAeLmbxvJxrQMpiqZsqKgx8-4RzYg_AcegoHrDena1kDoj_GoI9i8XIu5m40jqN6eqfZqUR4DX42UNvnMAn9JHp2NoopRo-DwOvh-9kZocOR5ymsCO4Sl8Nb8w&data=04%7C01%7CMartin.Claessens%40trade.gov%7C2e5154f5f5d94e91ccc808d8cc85710f%7Ca1d183f26c7b4d9ab9945f2f31b3f780%7C1%7C0%7C637484220789510607%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=PUNjAM%2FEsk2kkQQfZvU6A2sOh7Ndi%2BjXjoyKDSUfDk8%3D&reserved=0 HTTP 307
https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false HTTP 301
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false HTTP 302
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&country=DE&refererUrl=undefined&appType=web

Request Chain 24

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 42

https://4498545.fls.doubleclick.net/activityi;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103 HTTP 302
https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103

Request Chain 44

https://centro.pixel.ad/iap/66fe897698d864ee HTTP 301
https://pixel.sitescout.com/iap/66fe897698d864ee

Request Chain 45

https://centro.pixel.ad/iap/b3e7a4fb6df72391 HTTP 301
https://pixel.sitescout.com/iap/b3e7a4fb6df72391

Request Chain 46

https://centro.pixel.ad/iap/e14a6cdbc7660810 HTTP 301
https://pixel.sitescout.com/iap/e14a6cdbc7660810

Request Chain 50

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 88

https://a1.adform.net/Serving/TrackPoint/?pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250ciI6IiIsImJzeiI6MSwiYWdlIjoiIiwiZ2VuIjoiIiwiY3VyIjoiIn0&loc=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250ciI6IiIsImJzeiI6MSwiYWdlIjoiIiwiZ2VuIjoiIiwiY3VyIjoiIn0&loc=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh

Request Chain 96

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645

Request Chain 99

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6736529882512009979&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6736529882512009979&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=298a9d46cee84ed9a9112aa1b367ea6a HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=7ca2c9797baccbeecb1abf1de65b565aa2719826350cac925c9f6f1de7328976

Request Chain 101

https://pixel.advertising.com/ups/55944/sync?uid=6736529882512009979&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=6736529882512009979&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8&verify=true

Request Chain 104

https://x.bidswitch.net/sync?dsp_id=70&user_id=6736529882512009979 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6736529882512009979 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc&dnr=1

Request Chain 105

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645&C=1

Request Chain 106

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6736529882512009979&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6736529882512009979&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=12fc6037-12dd-4300-adcb-bca91cc0e6d8&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QzFDMDE1QjIxOTk3MzU0QQ&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEIRH6XSU8KpQ5NrNVSI9hAs&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 108

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6736529882512009979 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6736529882512009979&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 109

https://idsync.rlcdn.com/398366.gif?partner_uid=6736529882512009979 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjczNjUyOTg4MjUxMjAwOTk3ORAAGg0I3aXcgQYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHrJxwtcOwVTeOsT4EDbKro&google_cver=1

Request Chain 110

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6736529882512009979 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6736529882512009979

Request Chain 112

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6736529882512009979 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6736529882512009979

Request Chain 113

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 114

https://pixel.onaudience.com/?mapped=6736529882512009979&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=23309472f16b6cab93a6617f635e96a6

Request Chain 115

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6736529882512009979 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12021022503c4125e640bfc77a0d6e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=19852d53d2c491d3d6871cb7537bf7a6 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021022503c4125e640bfc77a0d6e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=19852d53d2c491d3d6871cb7537bf7a6&idt_did_status=added&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTAyMjUwM2M0MTI1ZTY0MGJmYzc3YTBkNmU HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEA1JjryX-NF7X-XxmUhfKgA&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=$UID&request=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=5147913936524060103&request=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=6933030900349008018 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=6933030900349008018 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021022503c4125e640bfc77a0d6e HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6736529882512009979

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjczNjUyOTg4MjUxMjAwOTk3OQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbeahqvDyzjkuLXePc37bA&google_cver=1&google_ula=1641347,0

Request Chain 119

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5147913936524060103&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6736529882512009979

Request Chain 122

https://a.audrte.com/a?adform_uid=6736529882512009979 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEGt2BqS1BAj8wScrUfq6msA&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=29dp1F9iy2iQkq65R3E7JuZjQ&gdpr=0&gdpr_consent=

Request Chain 123

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6736529882512009979&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6736529882512009979&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=80829467782978775892149628752832948972&noredirect=1

Request Chain 124

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6736529882512009979 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164880503708000049928

Request Chain 125

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6933030900349008018

Request Chain 127

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=12fc6037-12dd-4300-adcb-bca91cc0e6d8

Request Chain 128

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=N6OGABFj1Lf6Ts5

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08

Request Chain 131

https://id5-sync.com/s/10/0.gif?puid=6736529882512009979 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6736529882512009979&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOsVbdmxeXhJFg2p6ROi4WLw5y7_owAkVGrgfDzw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=ead512ea-b37d-4be8-b05f-207bface0231&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOxJ0_3a-64s--tT41JSIaA&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5147913936524060103&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033

Request Chain 132

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1720981776 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=xNzjNpxS.doGBMp4ZIEbt.

Request Chain 134

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979&cs=1

Request Chain 136

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6736529882512009979&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6736529882512009979&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=a875e7d1-7715-11eb-8b15-9e9b130d4f06

Request Chain 138

https://eb2.3lift.com/xuid?mid=7354&xuid=6736529882512009979&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6736529882512009979&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

160 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 100510 Show response
www.ethelm.com/valentines-day-chocolates/c/
Redirect Chain

http://bm5150.com/t/l?ssid=34146&subscriber_id=bicnfiqmkayuebmdpmqjdtqhwtkgben&delivery_id=bcgcdpwjdexwniqzrbqfbwolgpihbbl&td=mdDAZ9f4qFUukjI8IOeHIAKnlhqo9yT3LRc2quaANTlepGCb9e_iLwIS7Du6XyssixjyqHq...
https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3...

63 KB
18 KB

504ms
191ms

Document
text/html

54.83.11.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.11.155 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-11-155.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1e256dcad6da5694446db772bf8ce47ea5f990914a7179b0536e58d8ba776953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains

Request headers

:method: GET
:authority: www.ethelm.com
:scheme: https
:path: /valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-type: text/html
server: Microsoft-IIS/8.5
cache-control: no-cache
pragma: no-cache
content-encoding: br
expires: -1
set-cookie: sb-sf-at-prod-s=pt=&at=xWXuEuNAS21nvMfPfJpKBo8rtTN+pLbcjE46lxEckORec8NNXKktDisdSrRC3iSmUErbgFHNmr6EBOENLxJaCGqvbCbLBi5vc7CLF3pS5ZJ7MOog8Y6GW556BYgE4BVlMWeIGz67FhFmuBC4m6MJt54J7ZFcXM539F+5+pw7YJ1Rwn+iEn4OjgGCWymd2wKfaYcBVeIXPMgAThwnKznhctmkOVFfhnRkNqxAiAMub3zXOm2QY7fW4fs6ZT3H7fvTa95UDY/SaXEU5/x3VeNfA7DxNFl8QNLKz0omUi5YOfRgubSslSxdxze7schzV/4/EiTDkLIZghNql9m2QEr4Iw==&dt=2021-02-25T03:00:44.5014464Z; path=/; HttpOnly sb-sf-at-prod=pt=&at=xWXuEuNAS21nvMfPfJpKBo8rtTN+pLbcjE46lxEckORec8NNXKktDisdSrRC3iSmUErbgFHNmr6EBOENLxJaCGqvbCbLBi5vc7CLF3pS5ZJ7MOog8Y6GW556BYgE4BVlMWeIGz67FhFmuBC4m6MJt54J7ZFcXM539F+5+pw7YJ1Rwn+iEn4OjgGCWymd2wKfaYcBVeIXPMgAThwnKznhctmkOVFfhnRkNqxAiAMub3zXOm2QY7fW4fs6ZT3H7fvTa95UDY/SaXEU5/x3VeNfA7DxNFl8QNLKz0omUi5YOfRgubSslSxdxze7schzV/4/EiTDkLIZghNql9m2QEr4Iw==; expires=Mon, 25-Feb-2041 03:00:44 GMT; path=/; HttpOnly
vary: Accept-Encoding
x-vol-correlation: a71f0549dcf84c53b1b8d379c42109c8
referrer-policy: same-origin
strict-transport-security: max-age=15768000;includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

Location: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine's+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Set-Cookie: bs_t_7a301096cdc4e74031f2ce200d586411=YTo3OntzOjE6InMiO3M6MzI6IjdhMzAxMDk2Y2RjNGU3NDAzMWYyY2UyMDBkNTg2NDExIjtzOjE6ImMiO3M6MzI6IjlkZTlhMTE4NDIyMDk0ZTA3Y2JiOTEwNGNlZDRlYTU2IjtzOjE6ImQiO3M6MzI6IjgyYzJkZjBjYTI3M2M1YmY1MjVhNDdmNzZmMGZlN2QzIjtzOjM6Im12bCI7czozMjoiMjQ1OWYyMGEwNDA0OWM3ODJmOTY4OGU4MDllNzliYjIiO3M6MzoiY2lkIjtzOjI5OiJpc2dwcTl4ajk4dHE5ZmFyY2VkbDduaXhpN2NuaCI7czozOiJ0aWQiO3M6MTA0OiI0MjI5NzU3MTE3NTQ3NjQyOTI1NjAzODM1NDc3OTQzMzk5OTQwNzczNjA1NDIyMzk5NjMyOTg5MzI0NDQzNTQ4ODUzNDg4NjQ0MDgzMDM2NDQxMjE1NjIwMDk0MTI4NDUzMDM3ODUwMSI7czoxOiJlIjtzOjEwOiIxNjE2NjQxMjQ0Ijt9;Version=1;Comment=;Domain=bm5150.com;Path=/;Max-Age=631139040;SameSite=Lax bs_t_bc_7a301096cdc4e74031f2ce200d586411=1;Version=1;Comment=;Domain=bm5150.com;Path=/;SameSite=Lax tid_cayihqtrkpexizautzkrbrrqdzddbmk=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501;Version=1;Comment=;Domain=bm5150.com;Path=/;Max-Age=2419200;SameSite=Lax cayihqtrkpexizautzkrbrrqdzddbmk=isgpq9xj98tq9farcedl7nixi7cnh;Version=1;Comment=;Domain=bm5150.com;Path=/;Max-Age=2419200;SameSite=Lax
Connection: keep-alive
Date: Thu, 25 Feb 2021 03:00:43 GMT
Content-Length: 0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
571 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400&display=swap

Requested by

Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec2592134f88f66499193631042ddecb8bac27ed4e52f9a0890c4fbfd61eee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 03:00:44 GMT
server: ESF
date: Thu, 25 Feb 2021 03:00:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 03:00:44 GMT

GET
H2 200 storefront.less
cdn-tp4.mozu.com/25786-39566/stylesheets/ 796 KB
205 KB 53ms
20ms Stylesheet
text/css 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 76bd2560fb649514227dcee6e619f5c978005941f6f34130cbf3d465339ffe5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 6c0ddb5e09b04f478398254d38896a6d
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 209369
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 modernizr.min.js Show response
cdn-tp4.mozu.com/25786-39566/scripts/vendor/ 9 KB
4 KB 63ms
29ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/scripts/vendor/modernizr.min.js?_mzcb=_1599080677717
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6852672ccdb551c48baf465fe270f3450c216db43b1761d27ae3f996bab0031e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: defd75276fa84a57a46a480e8fde67f0
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 3628
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 object.assign.js Show response
cdn-tp4.mozu.com/25786-39566/scripts/vendor/ 873 B
609 B 63ms
30ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/scripts/vendor/object.assign.js?cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1c3d70f4682f76c677f6814ad45f3154fd545981e794c62dc675ed4213f9842d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 7463f3757baf495db58fb9fc45cb4627
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 369
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 load.js Show response
load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/ 76 KB
20 KB 445ms
422ms Script
text/javascript 2606:4700:3031::6815:2430
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2430 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26538c23fa8a0813abbcc1738cd17fa75e46ff993e7e3eccfd3a3a4ce8cf4cf

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
f-cache: hit
content-encoding: br
cf-request-id: 0878bac6710000062940a9f000000001
x-request-id: cd8699d9-c19a-47f0-8077-2a0515d18d87
x-runtime: 0.002538
server: cloudflare
f-script: load.js
etag: W/"f26538c23fa8a0813abbcc1738cd17fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2Fma67Qm5y7PLou97M%2B9TcMGVrW8lz7UZ39yQobStsyfFXCNMRZGR7lkE2vTSr7Wbx%2B6MCakE6kAG8HFTZSiMrSk0V9e2jnVa7C5yv4zCZ62ntbF6QipoiDe"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=5, public, s-maxage=18000
cf-ray: 626e2d83e8a90629-FRA

GET
H2 200 layout.css
cdn-tp4.mozu.com/25786-39566/resources/cms/ 5 KB
1 KB 52ms
19ms Stylesheet
text/css 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/resources/cms/layout.css?1.1971.1,0cafddf5-92a7-7895-b408-c909429f68f2
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: be59390def24db2d317fc2445e80672f05302755d822266ccee79e0c8e23b627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 02881562c95d4c238b23e2ed9ddb6f7e
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 16:51:04 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "08c4fdfb7a0d61:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
accept-ranges: bytes
content-length: 1230
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 logo.png
www.ethelm.com/resources/images/ 7 KB
8 KB 116ms
113ms Image
image/png 54.83.11.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ethelm.com/resources/images/logo.png
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.11.155 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-11-155.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 924335341d51f3834be55bfd44cde93a6dd858fdcd83e9dc6ec4b4555b676b1a

Request headers

Referer: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1209600
x-vol-correlation: c1c9af58fe2a4c34aa39b25b445bf64c

GET
H2

200

button.png
assets.secure.checkout.visa.com/wallet-services-web/xo/
Redirect Chain

https://secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&country=DE&refererUrl=undefined&appType=web

24 KB
9 KB

957ms
957ms

Image
image/svg+xml

104.18.25.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&country=DE&refererUrl=undefined&appType=web

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.25.161 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
x-correlation-id: 2_1614222045_598_311_l55p016_ARM
x-content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status: EXPIRED
content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0878bac72d000033137ab02000000001
x-served-by: l55p016, l55p002m, l55p007
pragma: no-cache
x-app-status: 200
server: cloudflare
x-frame-options: SAMEORIGIN
x-webkit-csp-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=14400
cf-ray: 626e2d851b173313-CDG
x-content-type-options: nosniff, nosniff
expires: Thu, 25 Feb 2021 07:00:45 GMT

Redirect headers

date: Thu, 25 Feb 2021 03:00:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&country=DE&refererUrl=undefined&appType=web
cf-ray: 626e2d84aa9d3313-CDG
content-length: 0
cf-request-id: 0878bac6ea000033136aaca000000001

GET
H/1.1 200
OK delivery.js Show response
cdn.bronto.com/popup/ 12 KB
5 KB 30ms
10ms Script
application/javascript 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bronto.com/popup/delivery.js
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b490544f1db32b7bea1a8e65e851746a5867832c77c82f4bee7da551797dda34

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
version-id: e12ff327-ec3a-4aea-a889-f4bb0f6e805d
Content-MD5: DCde6oLLd+DdMcYKXVb7oQ==
Connection: keep-alive
storage-tier: Standard
Content-Length: 3922
Last-Modified: Mon, 08 Feb 2021 13:27:52 GMT
opc-request-id: iad-1:mK_zRNA8VXO4gF3fRa6W8SG8LSd8XqCeXIbzIs9EjuP4plA5ixamk8u-jHLgV-o9
x-api-id: native
ETag: 844411b6-b025-4d2a-a775-80f28ffd5fcf
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/ 84 KB
13 KB 120ms
105ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3c303863cc0ac69f97e37371e2d0726840127b001c63faded19d97240a0913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: bJV7HEF2R+0ewtuRqbfHDQ==
vary: Accept-Encoding
content-length: 13214
cf-request-id: 0878bac66800004db887a45000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Dec 2020 13:50:44 GMT
server: cloudflare
etag: 0x8D89B8042807AA7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91ced9b6-101e-002f-29fd-0559dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d83d8994db8-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 29ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DgCf/JQeR4+J+ZEYMfLA9Q==
age: 2217
vary: Accept-Encoding
content-length: 4211
cf-request-id: 0878bac66800004db8bcb06000000001
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:08 GMT
server: cloudflare
etag: 0x8D8D8E828181ED0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c3880db3-801e-0143-0bda-0ab45a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d83d89a4db8-FRA

GET
H2 200 f45bad55-40c5-4cdd-9ea3-693c232546e5
cdn-tp4.mozu.com/25786-39566/cms/files/ 72 KB
72 KB 24ms
22ms Image
image/jpeg 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-tp4.mozu.com/25786-39566/cms/files/f45bad55-40c5-4cdd-9ea3-693c232546e5?_mzcb=_1599080677717
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c0f0c0fa7c3f3f270e7cf5503b5030fe4de9b75ddf0f7825bc52acb163e23c87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 7f336912bed1402ebcadda09ba1f1fe0
last-modified: Wed, 02 Sep 2020 23:50:01 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 73751
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 41332bd1-7198-4e1b-ab11-ee508dbad642
cdn-tp4.mozu.com/25786-m1/cms/files/ 75 KB
75 KB 19ms
18ms Image
image/png 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-tp4.mozu.com/25786-m1/cms/files/41332bd1-7198-4e1b-ab11-ee508dbad642
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 65e0198e2d2df443a18f8df1510a7dffbf2b52fcd799a9a57286bafae870f054

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 4c839e9697a549a3bedb011407060dd1
last-modified: Thu, 23 Jan 2020 22:41:49 GMT
server: Kestrel
x-aspnet-version: 4.0.30319
date: Thu, 25 Feb 2021 03:00:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-length: 76632
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 03e4505b-5cbd-4aa3-8ad1-2b978c2f6ebc
cdn-tp4.mozu.com/25786-m1/cms/files/ 10 KB
11 KB 18ms
17ms Image
image/png 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-tp4.mozu.com/25786-m1/cms/files/03e4505b-5cbd-4aa3-8ad1-2b978c2f6ebc
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 013b002b7b2bc0d5e5132c136d05a6c301f4d0f8a50575cf8d242d66311b5698

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 766830e87c2a46f68eecbe779d59dca9
last-modified: Thu, 23 Jan 2020 23:00:25 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 10688
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 require-min.js Show response
cdn-tp4.mozu.com/25786-39566/js/ 22 KB
9 KB 17ms
14ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 171572d870c12e786855edc42fc6e298060fb7e1b24821ffc0126ea91f713f2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 466c535ad678462da0a78aa8336205bf
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 8661
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 _mzblank.gif
www.ethelm.com/ 42 B
1 KB 111ms
110ms Image
image/gif 54.83.11.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ethelm.com/_mzblank.gif?r=uq65cQ5AnE-oMfLg1515fQ
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.11.155 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-11-155.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:44 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
x-vol-correlation: c1bea0b6aa1b4611896a0069710edd41
expires: -1

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 31 KB
10 KB 68ms
47ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6143e5672339fa881514921c72873f2eebddd1861a1541ce8219f880e6c5a3cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 14:47:16 GMT
server: AkamaiNetStorage
etag: "0aaf0d99c5cb62721088cbefc33053a3:1608734836.338444"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 9558
expires: Thu, 25 Feb 2021 03:05:44 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v17/ 26 KB
26 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v17/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ethelm.com
Referer: https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:24:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:14:23 GMT
server: sffe
age: 484580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26876
x-xss-protection: 0
expires: Sat, 19 Feb 2022 12:24:24 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
cdn-tp4.mozu.com/25786-39566/stylesheets/vendor/bootstrap-3.3.7/fonts/ 18 KB
18 KB 21ms
8ms Font
application/octet-stream 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/vendor/bootstrap-3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://www.ethelm.com
Referer: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 698fdcdd69f64c42a32ceb57b157c218
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/unknown
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 18028
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 254 KB
74 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0322965d934a563e58cb4a5ec54b4d265044ef0380fa14955da9922b42ee6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mti/9wM1FidX7/eIAakcEw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75206
x-fb-rlafr: 0
x-fb-debug: xAeEPoICSexBd+GtboJAuiOtdxq9gWFxgf0CwabtjGrFYZH+P0mpjidK6K7rH1S0ADQJGtKvpc7dy7Bj0I+apQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 86e94de1f9df175f7512fe8d0b475515
x-frame-options: DENY
date: Thu, 25 Feb 2021 03:00:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3831873b9164267ea3436d2caed19ce9"
timing-allow-origin: *
expires: Thu, 25 Feb 2021 03:08:23 GMT

GET
H2 200 9222ee00-329b-400a-a63e-75d4f27095e4.json Show response
cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/ 2 KB
2 KB 120ms
107ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/9222ee00-329b-400a-a63e-75d4f27095e4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d623e4a53083776b9ddd39e49f9ed10e020c89e7379daf1de4c0d08796a8fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: W0wQ09lEcpXwlnIZjfdetA==
vary: Accept-Encoding
content-length: 1090
cf-request-id: 0878bac6e5000007464c362000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Dec 2020 13:50:45 GMT
server: cloudflare
etag: 0x8D89B8042DCB5E9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d7cd4272-001e-0030-3cfd-0582cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d84ac630746-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
55 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3C2PJ9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14d6a98bf46480824b8d4e6a76ee11ebe1b8e912459c9cf850b06ccc7e37781e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55925
x-xss-protection: 0
expires: Thu, 25 Feb 2021 03:00:44 GMT

GET
H2 200 footer_background.png
cdn-tp4.mozu.com/25786-39566/resources/images/ 198 KB
199 KB 14ms
13ms Image
image/png 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-tp4.mozu.com/25786-39566/resources/images/footer_background.png
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0b71f35474b96fe7c0741214acbd963246765f87f5cda72c9b7d7de3a334528

Request headers

Referer: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 0765731da0b345f7987e5638bb2799bc
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 202971
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn-tp4.mozu.com/25786-39566/stylesheets/vendor/font-awesome/fonts/ 75 KB
76 KB 43ms
43ms Font
application/octet-stream 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.ethelm.com
Referer: https://cdn-tp4.mozu.com/25786-39566/stylesheets/storefront.less?SBTHEME=%7e37191%7e37749&mzsh=9ff1e8bd9da205a1887155ac6b3069ca&_mzcb=_1599080677717
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 452f6ff20bab47afb2e9bb25b9439a79
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/unknown
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 77160
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

53ms
14ms

Script
application/javascript

143.204.90.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5add12e703b09d4f28468fc8f28fd04cf050a38e53de98cec5b6b648416521cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 02:46:49 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 16:16:43 GMT
server: AmazonS3
age: 837
etag: "c4eec1544e3bffee84a971946439eb2b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 898
x-amz-cf-id: S8UQHfLedv6xU53Ka88_vXWeq89ZbrFQ9_xPafMmpupcQn8Tokwwvw==
x-amz-meta-mtime: 1610986601.28

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Thu, 25 Feb 2021 03:00:44 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 178

GET
H2 200 utag.40.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 17ms
15ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.40.js?utv=201901221947
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f3e4ff76f16b7e0d98a93eba5d15316f7bac1d5d2a91457082bba1b3b910e23e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Tue, 22 Jan 2019 19:47:13 GMT
server: AkamaiNetStorage
etag: "ac5d58fd5b3c341fb04ac4b59060e753:1548186433"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1223
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.49.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 4 KB
2 KB 18ms
17ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.49.js?utv=201602042138
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c27ebe2d2edcf50e6b104effe3e18883b2cf0cfa18cfc9af35f67170a8caa8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2016 21:38:46 GMT
server: AkamaiNetStorage
etag: "095c66a8a1d0a64aff04df60bb296fc3:1454621926"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1546
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.60.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 4 KB
2 KB 19ms
19ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.60.js?utv=201612232135
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 281093e49105c8fd0c79a0c99129dd106a3f3abc9f18f4c1ea15affd4362aa29

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2016 21:35:27 GMT
server: AkamaiNetStorage
etag: "980bca4a4f6c4419e530205870caf9d1:1482528927"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1712
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.66.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 606 B
811 B 13ms
13ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.66.js?utv=201702172244
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bd6dca96b2eb7e15e62244b61330f0930949f65771c85e4f501527646d4b3140

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
last-modified: Fri, 17 Feb 2017 22:44:28 GMT
server: AkamaiNetStorage
etag: "b316c237c7f6a78c99b01572dc08b689:1487371468"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 606
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.69.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 3 KB
2 KB 19ms
18ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.69.js?utv=201704141352
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c59503a89a2631de8b5aa2285172b28a162c2dc634d880c415f44dd55ead84cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2017 13:52:28 GMT
server: AkamaiNetStorage
etag: "59fe463cf5ee221ebc7391690aa6e2ae:1492177948"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1344
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.74.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 20ms
19ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.74.js?utv=201711151849
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 79a9b4910601d5e427725131967a9047e21e1e7c8972b7542d7e2c7c2ce91b4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2017 18:49:21 GMT
server: AkamaiNetStorage
etag: "44eeac1e45fe4953244ea47264439f2f:1510771761"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1015
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.75.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 21ms
20ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.75.js?utv=201711151849
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7cabf6ba65fecc026f1ab87ad17bb849dc891355faf688afb98d39780b112c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2017 18:49:20 GMT
server: AkamaiNetStorage
etag: "3951a81d2de1d3afb2182308bc55eb9e:1510771760"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1016
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.79.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 21ms
21ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.79.js?utv=201711151849
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35ae909bb0d19b6cfee5e7c494635f41b2dce060fedd961b556334d01654bea6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2017 18:49:21 GMT
server: AkamaiNetStorage
etag: "933718266b3e51734f3f47b8cff38778:1510771761"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1004
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.80.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 23ms
22ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.80.js?utv=201711210012
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 602dd0fa04cbd2f8d58316e5da3201485727569b77e7f2b17035970ef2344a57

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2017 00:12:56 GMT
server: AkamaiNetStorage
etag: "7d5863c87c123ce740783f605ceb027d:1511223176"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1013
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 5 KB
2 KB 24ms
24ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.87.js?utv=201804261915
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 46d51d43c6371ee5b59a191c8f9ab00f006489d9e9a1dc7d9ce6042dc2aed8b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Thu, 26 Apr 2018 19:15:40 GMT
server: AkamaiNetStorage
etag: "09be2bbd75632dfb6f07f68a678ce64d:1524770140"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1739
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.94.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 3 KB
1 KB 25ms
24ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.94.js?utv=201812131807
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a73b2cf5e82c5ed80f04c67471802c408af1d25daac24bf429746e32a312d0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 18:07:59 GMT
server: AkamaiNetStorage
etag: "d3bc4b8168843f6cba8911465e50842a:1544724479"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1293
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.98.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 6 KB
2 KB 26ms
26ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.98.js?utv=201911042110
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3ecefc031b113de38c459113bce0a72d19e599b78d47072482cdee0589db6730

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Mon, 04 Nov 2019 21:10:59 GMT
server: AkamaiNetStorage
etag: "3e92ed47fe8c6a2ee56d06b627a2a59a:1572901859.222998"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2076
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.103.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 2 KB
1 KB 27ms
26ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.103.js?utv=201904261654
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1739068947a0d7fda805cc8d518210a6add21fdc7ac7f3fc2d9b30809483cfea

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2019 16:54:44 GMT
server: AkamaiNetStorage
etag: "82b55bee55ebcfea8dea1b5f8b79b341:1556297684"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1051
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.105.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 4 KB
2 KB 27ms
26ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.105.js?utv=201908270406
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 72f9dd6d7c06d61df4a06dfbc564961053ac25ff27a8afbee250ce4299faacf7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 04:06:21 GMT
server: AkamaiNetStorage
etag: "261e89610ea2103e8f1379feba6b8698:1566878781.49019"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1617
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.107.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 10 KB
3 KB 27ms
26ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.107.js?utv=202005132033
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3f820560cb03adddb6d6d172282327049b828288a55da24cfe1f684d76f22d93

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 20:33:46 GMT
server: AkamaiNetStorage
etag: "fd093be417de9e847502501aa8da5c8f:1589402026.584843"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2939
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 utag.108.js Show response
tags.tiqcdn.com/utag/mars/mlethelm/prod/ 6 KB
2 KB 27ms
27ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.108.js?utv=201912022102
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9782e0ffac80bc4d708ad4cc86a9c94fdd3776003ef57591dad580f5c0f73bd5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 21:02:05 GMT
server: AkamaiNetStorage
etag: "87993be7915968715f6261e15ec9cd78:1575320525.556303"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2283
expires: Fri, 12 Mar 2021 03:00:44 GMT

GET
H2 200 jquery.js Show response
cdn-tp4.mozu.com/25786-39566/compiled/scripts/vendor/jquery/ 94 KB
33 KB 18ms
18ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/compiled/scripts/vendor/jquery/jquery.js?theme=~37191~37749&cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 0834453c026549c0a9b8eb389330c047
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:44 GMT
content-length: 33315
expires: Sat, 27 Mar 2021 03:00:44 GMT

GET
H3-Q050

200

activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103 Show response
4498545.fls.doubleclick.net/ Frame C3B1
Redirect Chain

https://4498545.fls.doubleclick.net/activityi;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?
https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?

410 B
931 B

39ms
25ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

cab6fe23e3bf3dd83f96c46c651af5b3524ddb7c0b0cae04090a12c7301ec351

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4498545.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Feb 2021 03:00:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 25-Feb-2021 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Feb 2021 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 19ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 25 Feb 2021 02:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1930
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: 7VfYzsUYpnG+GF1RUEa8Ilyaq5TOO6FxcwzaK1MmcgBxYtg7q06yg17Arq0+Yq6B9fDQU2dP63Y=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 121392B29212D5E3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H2

204

66fe897698d864ee Show response
pixel.sitescout.com/iap/
Redirect Chain

https://centro.pixel.ad/iap/66fe897698d864ee
https://pixel.sitescout.com/iap/66fe897698d864ee

0
191 B

72ms
23ms

Script
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/iap/66fe897698d864ee
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:44 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/66fe897698d864ee
content-length: 0

GET
H2

204

b3e7a4fb6df72391 Show response
pixel.sitescout.com/iap/
Redirect Chain

https://centro.pixel.ad/iap/b3e7a4fb6df72391
https://pixel.sitescout.com/iap/b3e7a4fb6df72391

0
191 B

72ms
23ms

Script
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/iap/b3e7a4fb6df72391
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:44 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/b3e7a4fb6df72391
content-length: 0

GET
H2

204

e14a6cdbc7660810 Show response
pixel.sitescout.com/iap/
Redirect Chain

https://centro.pixel.ad/iap/e14a6cdbc7660810
https://pixel.sitescout.com/iap/e14a6cdbc7660810

0
191 B

72ms
22ms

Script
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/iap/e14a6cdbc7660810
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:44 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/e14a6cdbc7660810
content-length: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 11ms
10ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 8093811
vary: Accept-Encoding
content-length: 79698
cf-request-id: 0878bac76500004db8941cb000000001
x-ms-lease-status: unlocked
last-modified: Mon, 23 Nov 2020 02:33:28 GMT
server: cloudflare
etag: 0x8D88F582961DDDE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f098869-501e-00cd-4b85-c1bdae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d8569d34db8-FRA
expires: Fri, 05 Mar 2021 03:00:45 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 82ms
67ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0X5KD0Q5SR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3C2PJ9

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cb83999c91e4dc6f68f81a80f15c9d3d34657d48af8dad6474b9ede9ad7ae62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53732
x-xss-protection: 0
expires: Thu, 25 Feb 2021 03:00:45 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 39ms
13ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3C2PJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "7dfd742fa9951f09da578c3e4cfc7d96"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

87ms
28ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.ethelm.com
URL: https://www.ethelm.com/valentines-day-chocolates/c/100510?utm_source=bm23&utm_medium=email&utm_term=Image+-+Shop+Our+Valentine%27s+Day+Gifts!&utm_content=%3F%3F+Still+Need+a+Last+Minute+Gift?+%3F%3F&utm_campaign=V-Day+Late+-+WO+2-8-2021&_bta_tid=42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501&_bta_c=isgpq9xj98tq9farcedl7nixi7cnh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:29 GMT
server: nginx
etag: W/"60057731-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 404 cc_af.js
bcp.crwdcntrl.net/c/5117/ 0
0 92ms
32ms Script
text/html 99.80.128.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/c/5117/cc_af.js?ns=_cc5117
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 p.js Show response
p.linkstorm.net/ETHE/ 9 KB
3 KB 53ms
10ms Script
application/javascript 2600:9000:211e:4200:10:13ca:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.linkstorm.net/ETHE/p.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:10:13ca:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66385274194e3aa5027c8240b46cbdd00873cdf879bf0c7d9b84024e1f08c3d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:55:19 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:50:45 GMT
server: AmazonS3
age: 43527
etag: W/"cb0be98445fe3f42cf72766ce95a0428"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8670b0c6b76371fb58f730881dfe505.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 6JO9WqBdvfjAHLPReuK3GuceM3RvfwcZPUZGoHnleKphVe_7t-VJZw==

GET
H2 404 mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-145cee2def823d4590dcb65a9e8c5b48/ 0
0 150ms
117ms Script
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-145cee2def823d4590dcb65a9e8c5b48/mparticle.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.107.js?utv=202005132033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 mparticle.js
jssdkcdn.mparticle.com/js/v2/us1-145cee2def823d4590dcb65a9e8c5b48/ 0
0 140ms
99ms Script
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdn.mparticle.com/js/v2/us1-145cee2def823d4590dcb65a9e8c5b48/mparticle.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 bundle.js Show response
snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImM1ZjFjNTFjYzIyZmNmNmY5MjQ4NzViNDdiN2M5OTAwM2YyMzMzZWU3OTMwMzJjYzRhMmZiY2U0MTQ4YmUxYWIifQ==/assets/ 52 KB
20 KB 193ms
173ms Script
application/javascript 2a02:26f0:6c00:280::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImM1ZjFjNTFjYzIyZmNmNmY5MjQ4NzViNDdiN2M5OTAwM2YyMzMzZWU3OTMwMzJjYzRhMmZiY2U0MTQ4YmUxYWIifQ==/assets/bundle.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:280::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 043c2afa7e325672beb1c381004e5f5b374884430035a478d86a1633fda234e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 5
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-trace: 63e42278-19d3-459e-af97-7988b7f35723
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, s-maxage=900
content-length: 20561

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
8ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mars/mlethelm/202012231447&cb=1614222045057
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 25 Feb 2021 03:10:45 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/b48f2ae6-dd34-48f8-acd1-d8e58897d8ad/ 79 KB
14 KB 110ms
109ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9222ee00-329b-400a-a63e-75d4f27095e4/b48f2ae6-dd34-48f8-acd1-d8e58897d8ad/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dce3034b9ca3117cb496ad37959cae75a724459d13a38e0b5984c935de9b67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: hx7mMjxU/k5tiJYhZmbi+g==
vary: Accept-Encoding
content-length: 13940
cf-request-id: 0878bac790000007463702d000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Dec 2020 13:50:46 GMT
server: cloudflare
etag: 0x8D89B804372A9C8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7cf56a41-101e-00e8-4322-0b251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d85bd350746-FRA

GET
H2 200 common.js Show response
cdn-tp4.mozu.com/25786-39566/compiled/scripts/modules/ 731 KB
164 KB 29ms
29ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/compiled/scripts/modules/common.js?theme=~37191~37749&cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 56b796c2b0c4fc63cff2c619aec1e3107e9d0895c89fb813c01bef6ffc10ddc8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 0e8771d93f8147cfb5b06f116d3e1801
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:45 GMT
expires: Sat, 27 Mar 2021 03:00:45 GMT

GET
H2 200 main.2a04f3ee.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 12ms
12ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "248210fef24a364a0e167a9a4db13563"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17102
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
512 B 95ms
51ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612355692153&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1614222045096

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://www.ethelm.com
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9445872432893562
pin-unauth: dWlkPVpUQTFaRGszTWpndE5HWTJOaTAwWkdKakxUbG1PVGd0WTJJeFpUUmxZelZoTkRVeQ
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 64
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103 Show response
adservice.google.com/ddm/fls/i/ Frame 51EE 409 B
1 KB 62ms
42ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103

Requested by

Host: 4498545.fls.doubleclick.net
URL: https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8665066d8837c9c4e576ebf5471d2ec61eadd22e720805680623b34996a858d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://4498545.fls.doubleclick.net/activityi;dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103?

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Feb 2021 03:00:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 327
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 10 KB
4 KB 17ms
16ms Script
application/javascript 143.204.90.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=2c21c89
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 863508154ae4349d2ccb858d377f0605671ee570ce028cb7095f5351cf68946c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:02:31 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 16:16:44 GMT
server: AmazonS3
age: 2339895
etag: "1cadcf35976c25e8ee2078cdb8fd8ade"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3680
x-amz-cf-id: SDgl4_DubfJToiiA9Tjy7J0LA_EgLKVnRPIT7OEkRJz-pq97tzzNWg==
x-amz-meta-mtime: 1610986601.25

GET
H2 200 widget.css
d3rr3d0n31t48m.cloudfront.net/widget/ 81 KB
14 KB 17ms
16ms Stylesheet
text/css 143.204.90.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.css?v=99cf079
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb3536e720a4c55e2621100e31fc1bf29fdc91161ad54e2cb00bc6c9752e146

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 01:07:50 GMT
content-encoding: gzip
age: 6776
x-cache: Hit from cloudfront
x-amz-meta-mode: 33188
content-length: 13404
last-modified: Mon, 18 Jan 2021 16:16:44 GMT
server: AmazonS3
etag: "015187c287819e76b0f2c839f6c171f0"
x-amz-meta-uid: 0
x-amz-meta-gid: 0
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css; charset=UTF-8
x-amz-cf-id: ukLpyfqCWa0qapnTBy4z4nIhyYhAM7KkoJoOXIAH65tcfu7ZELZdug==
x-amz-meta-mtime: 1610986599.4

GET
H2 200 cs_addstrap.css
addstrap-ui.addshoppers.com/1.3.2/ 38 KB
6 KB 31ms
7ms Stylesheet
text/css 35.190.71.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://addstrap-ui.addshoppers.com/1.3.2/cs_addstrap.css
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.71.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4ef166ef724f3bb6525eb62db7091f170d9d3aa8440a9807548d84425781baf4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:53:06 GMT
content-encoding: gzip
age: 1148859
x-guploader-uploadid: ABg5-UyWyS5-t0m_uNC-wmfpHyy1AnC-r5d-Q_Bi1odCUUX1jCDxyxdDdQxqqM2d58f-_RQJYCvq1pg3GJl_6P1ZRWY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6068
last-modified: Wed, 09 Oct 2019 21:42:16 GMT
server: UploadServer
etag: "7919d6d1bd3eb03ccaae05db87f7d86e"
x-goog-hash: crc32c=TsoVzw==, md5=eRnW0b0+sDzKrgXbh/fYbg==
x-goog-generation: 1570657336112150
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: no-transform
x-goog-stored-content-length: 6068
accept-ranges: bytes
content-type: text/css
expires: Fri, 11 Feb 2022 19:53:06 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 33ms
13ms Other
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0X5KD0Q5SR&gtm=2oe2h0&_p=1683626931&sr=1600x1200&_gaz=1&ul=en-us&cid=458113391.1614222045&_s=1&dl=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&dt=Ethel%20M%20Chocolates%3A%20Premium%20Specialty%20Chocolate%20Candy%20Gifts&sid=1614222045&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0X5KD0Q5SR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ethelm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
73 B 15ms
15ms Other
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0X5KD0Q5SR&cid=458113391.1614222045&gtm=2oe2h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0X5KD0Q5SR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ethelm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0X5KD0Q5SR&cid=458113391.1614222045&gtm=2oe2h0&aip=1&z=1266334057

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 172 KB
45 KB 16ms
16ms Script
application/javascript 143.204.90.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6eb5299c637f91f42fa5bc1b3f26dc661e10666ab5e3e145a385eaf91d8330ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:26:16 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 16:16:43 GMT
server: AmazonS3
age: 1820070
etag: "5a80834850a95894e87faa9194a0b716"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 45204
x-amz-cf-id: jM-IyPyB81Ip0d8AGhc5dH1SYdIdsDgPm6WOFCZIUFmtS8pvlNczwQ==
x-amz-meta-mtime: 1610986598.69

GET
H2 200 global-header-include.js Show response
cdn-tp4.mozu.com/25786-39566/compiled/scripts/modules/ 682 B
901 B 17ms
16ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/compiled/scripts/modules/global-header-include.js?theme=~37191~37749&cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 420c9b11e40dcd6cf25246d1bc95deda6434ab59a0d744a31f6c40c0ab79c8bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 9d1d382aca6c4a52be1e5c3046e9ba99
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:45 GMT
content-length: 682
expires: Sat, 27 Mar 2021 03:00:45 GMT

GET
H2 200 hyprlive-min.js Show response
cdn-tp4.mozu.com/25786-39566/js/ 64 KB
21 KB 22ms
22ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/js/hyprlive-min.js?cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93193ef60dfbe57b41ad5a56f94f177ecaf7d484e0f5b7672184527a414bea4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 777a4da750924a38bbc2958c54b60552
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=2592000
date: Thu, 25 Feb 2021 03:00:45 GMT
content-length: 20849
expires: Sat, 27 Mar 2021 03:00:45 GMT

GET
H2 200 sdk-min.js Show response
cdn-tp4.mozu.com/25786-39566/js/ 94 KB
25 KB 23ms
23ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/js/sdk-min.js?cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e1340437a29d8af960429df172ea9a21c3ab3372853112b097650245bf6d5a8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 3b178c63df79458fb1f2c9364974d786
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=2592000
date: Thu, 25 Feb 2021 03:00:45 GMT
content-length: 24959
expires: Sat, 27 Mar 2021 03:00:45 GMT

GET
H2 200 hyprlivecontext Show response
cdn-tp4.mozu.com/25786-39566/ 692 KB
113 KB 33ms
33ms Script
text/javascript 2a02:26f0:6c00:2bf::1a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tp4.mozu.com/25786-39566/hyprlivecontext?callback=define&dv=L&cacheKey=9ff1e8bd9da205a1887155ac6b3069ca
Requested by: Host: cdn-tp4.mozu.com
URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::1a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 587cefe3704817677250ee21e9ceec2c8a4724843f9e4c76e77adc885b82776e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vol-correlation: 04ca96ce4f3e4c1cae595260600f3638
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Thu, 25 Feb 2021 03:00:45 GMT
expires: Sat, 27 Mar 2021 03:00:45 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 91ms
48ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6791765431349833
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
4 KB 11ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 489527
vary: Accept-Encoding
content-length: 3329
cf-request-id: 0878bac81200000746af828000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 825c8305-901e-0157-53ae-06773e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d868deb0746-FRA
expires: Fri, 05 Mar 2021 03:00:45 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 58 KB
14 KB 13ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b798730d0cf82733e6ed9d9c805b58d35f8f4bab9457553279987846737c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0cG91ilSXqqMK+mWnFPsTw==
age: 3208609
vary: Accept-Encoding
content-length: 14255
cf-request-id: 0878bac8120000074657863000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:52 GMT
server: cloudflare
etag: 0x8D8973521B17F2F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a54fabae-601e-00c5-37f3-eda6dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 626e2d868ded0746-FRA
expires: Fri, 05 Mar 2021 03:00:45 GMT

GET
H2 200 dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103 Show response
adservice.google.de/ddm/fls/i/ Frame 964D 194 B
877 B 62ms
42ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/ddm/fls/i/dc_pre=CO-p1dyFhO8CFRiAhQod6FMGJQ;src=4498545;type=invmedia;cat=lpoqrvpy;ord=2085034221183.8103

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Feb 2021 03:00:45 GMT
expires: Thu, 25 Feb 2021 03:00:45 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4408
date: Thu, 25 Feb 2021 01:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Feb 2021 03:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: /PNvQMpGHdE09GKhoUEH32J1FnnbBYaMm5ZDjWXRrigUn/UNlirOYLKVxLUI4z8JkT0daocbaeSwsw9JsKeltw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 03:00:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 41ms
20ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 03:00:45 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 416ms
103ms Script
text/javascript 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash: cd7ac76cbc4b3b99ce10fd5a8d26025ec1c1f46121c558bd9fe1dfd5467da3e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Feb 2021 03:00:45 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4297
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 40ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:44 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 20:48:20 GMT
x-msedge-ref: Ref A: 0670ABF1B2CB4F6D8781E66EFCD16DC7 Ref B: FRAEDGE1307 Ref C: 2021-02-25T03:00:45Z
etag: "042b8e76dfad61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 410 1102.js
script.crazyegg.com/pages/scripts/0019/ 0
0 145ms
130ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0019/1102.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 25 Feb 2021 03:00:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 626e2d86e8004a5c-FRA
content-length: 0
cf-request-id: 0878bac85100004a5c5fb06000000001

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 44ms
13ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 18:31:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 30566
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: K02q61CNcC5k4XNvPO9ZYNQEdCz67etpsuoRhw-s7GlBtC9YV7v8mQ==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 02:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3484
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Thu, 25 Feb 2021 03:02:41 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: jX/t8eIzF3gk/4ZlMla+LRaxGWazaOOcEkx9yIn1VM22pUkmHQOJD5DV27LMrGD+AdK26rPI0eSYilpo1MKlfw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 03:00:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 713231239508209 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/713231239508209?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

111cd17aaacdfe804e3611a078fc21c792361734ae6f17b9d105e922c7d924c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: VouaYPhYuMMtNq95rJxTpvs4P6ueNLp1z+u4BMftcBdPYx2eBBelznQOYqkLmfGSqnaKA4OTZTCXfMAeyzE/7Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 03:00:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 106516976
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250c...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwi...

717 B
1 KB

36ms
35ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250ciI6IiIsImJzeiI6MSwiYWdlIjoiIiwiZ2VuIjoiIiwiY3VyIjoiIn0&loc=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3499f7bb904d28be1e285f4c1977ccf937b71afee79539180e2d780613bcc47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 598
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250ciI6IiIsImJzeiI6MSwiYWdlIjoiIiwiZ2VuIjoiIiwiY3VyIjoiIn0&loc=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1683626931&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&ul=en-us&de=UTF-8&dt=Ethel%20M%20Chocolates%3A%20Premium%20Specialty%20Chocolate%20Candy%20Gifts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEALAAAAAC~&jid=1134219148&gjid=68721048&cid=458113391.1614222045&tid=UA-39633673-4&_gid=1132240115.1614222045&_r=1&gtm=2wg2h0K3C2PJ9&cd4=category&z=389454108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ethelm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
423 B 55ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-39633673-4&cid=458113391.1614222045&jid=1134219148&gjid=68721048&_gid=1132240115.1614222045&_u=aCDAAEAKAAAAAC~&z=1133879048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 03:00:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.ethelm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713231239508209&ev=PageView&dl=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&rl=&if=false&ts=1614222045403&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1614222045402.252876245&it=1614222045310&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Feb 2021 03:00:45 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame B65E 5 KB
2 KB 87ms
28ms Document
text/html 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=1559144&ADFPageName=Shopping%20Pages%20&ADFdivider=%7C&ord=91157584502&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IiIsImlkIjoiIiwiY250ciI6IiIsImJzeiI6MSwiYWdlIjoiIiwiZ2VuIjoiIiwiY3VyIjoiIn0&loc=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e77d1b1272364167fe748fd36456771f894ded3ae8550ea4475516412bee0a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=6736529882512009979; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 25 Feb 2021 03:00:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1614308445_1614222045_1_Hu7u7u4e4e7u7u4REREeERERERHhEQ; expires=Thu, 11 Mar 2021 03:00:45 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39633673-4&cid=458113391.1614222045&jid=1134219148&_u=aCDAAEAKAAAAAC~&z=710529755

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 38ms
24ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39633673-4&cid=458113391.1614222045&jid=1134219148&_u=aCDAAEAKAAAAAC~&z=710529755

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame B65E 0
118 B 28ms
27ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B65E
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645

43 B
423 B

17ms
17ms

Image
image/gif

52.58.57.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 03:00:45 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6736529882512009979&Expiration=1615431645
date: Thu, 25 Feb 2021 03:00:45 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B65E 0
522 B 69ms
26ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6736529882512009979

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 24 Feb 2021 03:00:45 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame B65E 0
214 B 89ms
22ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B65E
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6736529882512009979&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6736529882512009979&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=298a9d46cee84ed9a...
https://c1.adform.net/serving/cookie/match?party=9&uid=7ca2c9797baccbeecb1abf1de65b565aa2719826350cac925c9f6f1de7328976

35 B
325 B

28ms
27ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=7ca2c9797baccbeecb1abf1de65b565aa2719826350cac925c9f6f1de7328976

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=7ca2c9797baccbeecb1abf1de65b565aa2719826350cac925c9f6f1de7328976
date: Thu, 25 Feb 2021 03:00:45 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B65E 43 B
163 B 373ms
122ms Image
image/gif 199.187.193.193
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6736529882512009979&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame B65E
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=6736529882512009979&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=6736529882512009979&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8&verify=true

0
964 B

17ms
17ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=6736529882512009979&_origin=1&apid=UPa7a63bc1-7715-11eb-84dc-062cb963ccb8&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame B65E 43 B
714 B 95ms
49ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1614222045567008-95
Expires: Thu, 25 Feb 2021 03:00:45 GMT

GET sync
sy.eu.angsrvr.com/ Frame B65E 0
0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B65E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6736529882512009979
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6736529882512009979
https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc
https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc&dnr=1

0
433 B

15ms
15ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc&dnr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:46 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=26&3pid=1d372b80-9f3d-48ac-a327-a3f6abb9d1dc&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B65E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645&C=1

43 B
1006 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 03:00:45 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6736529882512009979&expiration=1615431645&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Thu, 25 Feb 2021 03:00:45 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/dbm/1/ Frame B65E
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6736529882512009979&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6736529882512009979&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=12fc6037-12dd-4300-adcb-bca91cc0e6d8&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QzFDMDE1QjIxOTk3MzU0QQ&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEIRH6XSU8KpQ5NrNVSI9hAs&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

42 B
604 B

31ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEIRH6XSU8KpQ5NrNVSI9hAs&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEIRH6XSU8KpQ5NrNVSI9hAs&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame B65E 0
344 B 58ms
14ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6736529882512009979&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:45 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame B65E
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6736529882512009979
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6736529882512009979&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
342 B

93ms
30ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry+PSYbvYtAEAA==
date: Thu, 25 Feb 2021 03:00:45 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: sFAJemJdjSw=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 315490
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43
expires: Fri, 05 Mar 2021 11:22:35 GMT

Redirect headers

date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame B65E
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=6736529882512009979
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjczNjUyOTg4MjUxMjAwOTk3ORAAGg0I3aXcgQYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHrJxwtcOwVTeOsT4EDbKro&google_cver=1

42 B
317 B

15ms
15ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHrJxwtcOwVTeOsT4EDbKro&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 03:00:45 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHrJxwtcOwVTeOsT4EDbKro&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=6736529882512009979
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame B65E
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6736529882512009979
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6736529882512009979

49 B
711 B

43ms
43ms

Image
image/gif

99.80.128.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.112
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6736529882512009979
cache-control: no-cache
x-server: 10.45.30.157
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame B65E 62 B
329 B 208ms
167ms Image
image/gif 104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:45 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: b27e
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B65E
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6736529882512009979
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6736529882512009979

43 B
180 B

23ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6736529882512009979
date: Thu, 25 Feb 2021 03:00:45 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame B65E
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

1140ms
37ms

Image
image/gif

52.218.89.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.89.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:47 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 6C33F57E41F15FBC
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: TQ7/amc06POfyu13BkSLIDydhklZ4FfcGutqGHEPWn7QrkM4nSujDHNP9JrpbjpapIIap/6w6og=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: akka-http/10.1.13
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame B65E
Redirect Chain

https://pixel.onaudience.com/?mapped=6736529882512009979&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=23309472f16b6cab93a6617f635e96a6

35 B
248 B

17ms
17ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=23309472f16b6cab93a6617f635e96a6
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3175227.ip-51-210-112.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=23309472f16b6cab93a6617f635e96a6
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame B65E
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6736529882512009979
https://tags.adsafety.net/v1/cm?cm_uid=CM12021022503c4125e640bfc77a0d6e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=19852d53d2c491d3d6871cb7537bf7a6
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021022503c4125e640bfc77a0d6e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=19852d53d2c491d3d6871cb7537bf7a6&idt_did_status=added&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTAyMjUwM2M0MTI1ZTY0MGJmYzc3YTBkNmU
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEA1JjryX-NF7X-XxmUhfKgA&google_cver=1
https://ib.adnxs.com/getuid?https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=$UID&request=1
https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=5147913936524060103&request=1
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=6933030900349008018
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=6933030900349008018
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021022503c4125e640bfc77a0d6e
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6736529882512009979

43 B
3 KB

16ms
16ms

Image
image/gif

80.82.217.102
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.82.217.102 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:48 GMT
Last-Modified: Thu, 25 Feb 2021 03:00:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:48 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6736529882512009979
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B65E 0
337 B 3127ms
36ms Image
text/plain 52.48.18.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=50 t=1614222048
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame B65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjczNjUyOTg4MjUxMjAwOTk3OQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbeahqvDyzjkuLXePc37bA&google_cver=1&google_ula=1641347,0

35 B
325 B

28ms
28ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbeahqvDyzjkuLXePc37bA&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbeahqvDyzjkuLXePc37bA&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame B65E 0
118 B 31ms
27ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame B65E
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=5147913936524060103&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6736529882512009979

43 B
1013 B

14ms
14ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6736529882512009979

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:46 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid: 0107f9f6-0fb5-4ce6-bca9-77f68ce9edaf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=6736529882512009979
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame B65E 42 B
974 B 355ms
44ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:46 GMT
X-lat: Pug23021:0:264
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame B65E 43 B
432 B 3077ms
19ms Image
image/gif 13.225.78.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-117.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:48 GMT
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.16.1
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: SrYiepYwDgBmcW5XO0VUEaQA2_t_Oh6V9dtlmMiWsGwuixFgDxCRBw==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame B65E
Redirect Chain

https://a.audrte.com/a?adform_uid=6736529882512009979
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEGt2BqS1BAj8wScrUfq6msA&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=29dp1F9iy2iQkq65R3E7JuZjQ&gdpr=0&gdpr_consent=

0
344 B

14ms
14ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=29dp1F9iy2iQkq65R3E7JuZjQ&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Thu, 25 Feb 2021 03:00:46 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=29dp1F9iy2iQkq65R3E7JuZjQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B65E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6736529882512009979&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6736529882512009979&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=80829467782978775892149628752832948972&noredirect=1

35 B
325 B

28ms
27ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=80829467782978775892149628752832948972&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cLATjqcOTzE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=80829467782978775892149628752832948972&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B65E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6736529882512009979
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164880503708000049928

35 B
325 B

30ms
29ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164880503708000049928

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:47 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:47 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164880503708000049928
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B65E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6933030900349008018

35 B
325 B

29ms
29ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6933030900349008018

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:47 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6933030900349008018
Date: Thu, 25 Feb 2021 03:00:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame B65E 62 B
725 B 471ms
470ms Image
image/gif 104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:46 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 8fe5
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B65E
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=12fc6037-12dd-4300-adcb-bca91cc0e6d8

35 B
325 B

28ms
27ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=12fc6037-12dd-4300-adcb-bca91cc0e6d8

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Date: Thu, 25 Feb 2021 03:00:46 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=12fc6037-12dd-4300-adcb-bca91cc0e6d8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 25 Feb 2021 03:00:44 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B65E
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=N6OGABFj1Lf6Ts5

35 B
325 B

28ms
27ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=N6OGABFj1Lf6Ts5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:45 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=N6OGABFj1Lf6Ts5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B65E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08

35 B
326 B

341ms
29ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e99d10be-6cf4-4e4e-aed5-14cb3a9afb08
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame B65E 0
72 B 532ms
132ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

500
Internal Server Error

input
cookie-matching.mediarithmics.com/ Frame B65E
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6736529882512009979
https://id5-sync.com/c/10/10/2/1.gif?puid=6736529882512009979&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOsVbdmxeXhJFg2p6ROi4WLw5y7_owAkVGrgfDzw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=ead512ea-b37d-4be8-b05f-207bface0231&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5147913936524060103&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0a...

0
0

12118ms
12118ms

Image
application/json

51.77.188.223
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5147913936524060103&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.188.223 , France, ASN16276 (OVH, FR),
Reverse DNS: ip223.ip-51-77-188.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Origin, Authorization, X-Requested-With, X-Requested-By
access-control-max-age: 600
access-control-allow-methods: POST, GET, PUT, DELETE

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 03:00:47 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: ccb9587e-1718-4314-90b6-43ba8525a31e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5147913936524060103&opid=apx&ops=&utidl=tech:goo:CAESEOxJ0_3a-64s--tT41JSIaA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame B65E
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1720981776
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=xNzjNpxS.doGBMp4ZIEbt.

35 B
325 B

29ms
29ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=xNzjNpxS.doGBMp4ZIEbt.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
via: 1.1 google
last-modified: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=xNzjNpxS.doGBMp4ZIEbt.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B65E 23 B
172 B 335ms
45ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:47 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 25 Feb 2021 03:00:47 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame B65E
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:47 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6736529882512009979&cs=1
date: Thu, 25 Feb 2021 03:00:47 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame B65E 0
237 B 1078ms
29ms Image
text/plain 143.204.90.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6736529882512009979
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-40.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:47 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JzDkMMnycpG1EJ4Td5eBTdpWcQ1IzySp8QB6SxjT2oSGmxCQFAxv_A==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B65E
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6736529882512009979&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6736529882512009979&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=a875e7d1-7715-11eb-8b15-9e9b130d4f06

35 B
325 B

28ms
27ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=a875e7d1-7715-11eb-8b15-9e9b130d4f06

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 03:00:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

date: Thu, 25 Feb 2021 03:00:46 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=a875e7d1-7715-11eb-8b15-9e9b130d4f06
alt-svc: clear
content-length: 0

GET
H2 200 6736529882512009979
match.contentexchange.me/adform/ Frame B65E 0
49 B 1137ms
43ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6736529882512009979?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:48 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame B65E
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6736529882512009979&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6736529882512009979&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

16ms
16ms

Image
image/gif

18.184.39.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6736529882512009979&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.39.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6736529882512009979&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 25 Feb 2021 03:00:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame B65E 0
118 B 29ms
28ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=6736529882512009979&agencyId=6424&advertiserId=2024734&src=tp&rnd=982553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 03:00:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 82 B
309 B 103ms
102ms Stylesheet
text/css 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash: ee912e43152f8ee7705f258a85bdbeb9c1d62c388fde4969feee3ffd00a6ae84

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Feb 2021 03:00:45 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 82
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 662ms
103ms Fetch
image/jpeg 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Feb 2021 03:00:46 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=713231239508209&ev=Microdata&dl=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&rl=&if=false&ts=1614222045906&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ethel%20M%20Chocolates%3A%20Premium%20Specialty%20Chocolate%20Candy%20Gifts%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2Fresources%2Fimages%2FdefaultStoreImage.jpg%22%2C%22og%3Asite_name%22%3A%22Ethel%20M%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1614222045402.252876245&it=1614222045310&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:00:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Feb 2021 03:00:45 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
419 B 104ms
103ms XHR
text/plain 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=86qMCG9FkCE8B14XOIdpRQ&is_js=true&landing_url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&host=https://www.ethelm.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash: ec720982dda033c342f03cee7a9a7d08968faa5436708f656f6091e6f29d283c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:46 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.ethelm.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H/1.1 204
No Content js_tracking Show response
tags.srv.stackadapt.com/ 0
249 B 206ms
102ms XHR
text/plain 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510&uid=86qMCG9FkCE8B14XOIdpRQ&host=https://www.ethelm.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ethelm.com
Date: Thu, 25 Feb 2021 03:00:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET

GET
H/1.1 200
OK polyfills.js Show response
cdn.bronto.com/popup/ 8 KB
4 KB 10ms
10ms Script
application/javascript 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bronto.com/popup/polyfills.js
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ddf96f89cbd83438b54feaa5109c0b4fffb2e5de9e8c608f967896c3a102230d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:00:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
version-id: 114940e3-7ce5-4748-843a-dd47b3f6f2e6
Content-MD5: B+CotH6nJClo0UbINMhDGw==
Connection: keep-alive
storage-tier: Standard
Content-Length: 2938
Last-Modified: Mon, 08 Feb 2021 13:27:52 GMT
opc-request-id: iad-1:csdM2-aToPS_NRR0s6QDcbrqgEJ7VyFvBzRdkDnA_OJgdYMQhvNzkoU8-MdR6w5O
x-api-id: native
ETag: b6f71908-3542-4303-8419-43086d24ef13
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 params Show response
shop.pe/widget/main/init/ 239 B
739 B 118ms
118ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5ed5d4d0d5593058b1df916a&product=Ethel%20M%20Chocolates%3A%20Premium%20Specialty%20Chocolate%20Candy%20Gifts&product_url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510&image=https%3A%2F%2Fwww.ethelm.com%2Fresources%2Fimages%2FdefaultStoreImage.jpg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=63917&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

a1b60f1a67a4fc1319058395b1d2e8ea0a57cdc685311da8e0d1fc45fd4baa57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:01:00 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"a7601334d63032c67c2c33a58eca56e88fa28eaa"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H/1.1 200
OK config.js Show response
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/ 2 KB
2 KB 22ms
22ms Script
application/javascript 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/config.js
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d7bb0c9971bcb144a6b7dae3938bb56b4c36565fe3c123401f0b27f06788af3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
version-id: a38fd999-4ad6-450d-95be-767762f7ea43
Content-MD5: d2TXS6pccs4y2lnQ8WIKHA==
Connection: keep-alive
storage-tier: Standard
Content-Length: 628
opc-meta-mtime: 1593722345
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:m72wbGjdmgqcpK2R6ekBPxYa42anz0uNsWcKx1P8eerSxWYArkqGAMNFIaiJ9k4U
x-api-id: native
ETag: 9c5733a2-e892-45dd-8672-4874f9f3fbec
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK popup.js Show response
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/ 44 KB
11 KB 28ms
28ms Script
application/javascript 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/popup.js
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c5dda7e7debe204e2df6e53689301c930ba43c8fb42b2a746fd41625b61ea9fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
version-id: fefc3ec6-ca96-4f87-82aa-8db8ebf51c88
Content-MD5: UVsI4JlM2xXj6gdjaTb2bQ==
Connection: keep-alive
storage-tier: Standard
Content-Length: 10656
opc-meta-mtime: 1593722343
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:qOEmoMRQucvHIaemjtNFzAA98sGJmeCDAMMEGEvAB4PutNNonMsZ-58t5vMvehsR
x-api-id: native
ETag: 4cc28fc5-c93e-451a-9567-640e1cff5305
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK popup.js Show response
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/ 43 KB
11 KB 55ms
43ms Script
application/javascript 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/popup.js
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4eabe109dc51cd887174ebb8c6a8520b79addf0abe591d79a1cdd6e8e73f9f71

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
version-id: 7d839a71-24db-40f7-b4d6-4cab5987d12d
Content-MD5: PrgS5z3V+DTvlT+MebMv7w==
Connection: keep-alive
storage-tier: Standard
Content-Length: 10576
opc-meta-mtime: 1593722344
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:-DH6zFXOgsncgTFR5XRnL7ztU0wc3zhYCmnJ2NnyGZ3E7IdW6gGbydepQJg1pNxo
x-api-id: native
ETag: 49fd6def-9cf3-4617-b404-574ce82f3b38
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/ 9 KB
10 KB 401ms
389ms Image
image/jpeg 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ebc4965cbc986464ffbe88f674f315aad59ffc8bc49f6de60c27d5dbc9e71d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
version-id: 6d59f3d0-ebde-4e46-8cf7-8be3263ed4bb
Content-MD5: f6L2AByFNJUmTVH7CimeGg==
Connection: keep-alive
storage-tier: Standard
Content-Length: 8990
opc-meta-mtime: 1593722343
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:QOxvEPpfruPY7XbdOjMaZyoQ7AGRcwCVGa4KIDG6lr7ffm77x1nNNdZp8QlGlqI0
x-api-id: native
ETag: e3615947-a01d-42ee-845d-e42ee10e2b08
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK close_noborder_new.png
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/ 1 KB
2 KB 40ms
28ms Image
image/png 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/close_noborder_new.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 66b30e6b97266ccd17543c86892e605ec702a93f5038887b365a2581e27f71cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
version-id: 957d3fe1-74b1-481f-bb6c-a436e22dfc23
Content-MD5: VK4I0ztnClB9z79r3TlylA==
Connection: keep-alive
storage-tier: Standard
Content-Length: 1093
opc-meta-mtime: 1593722343
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:eRpBI1glCIGL7KUoH4XgDyKOpUMSDODcrNUUmTOT9DbpRR8w_JNeDiQirUrgBWhQ
x-api-id: native
ETag: 45333aa2-f3d7-495f-a874-be618c913e3c
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK pu5.png
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/ 108 KB
109 KB 43ms
30ms Image
image/png 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/pu5.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dbf9d1b9a68c8bf06c1c08a47e4ba6c79dffe785769af12263de31f7085f9d71

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
version-id: 9dd51a56-06c9-4779-9930-35d8f41bb5aa
Content-MD5: 533iprW6tFRIuvgR3ly9LA==
Connection: keep-alive
storage-tier: Standard
Content-Length: 110813
opc-meta-mtime: 1593722344
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:X1KnzMUcrrgqOHxXg8LYmSOZHWwUHHe7vbm559_E3E94ljE-F7iywFl7L-fK0WFN
x-api-id: native
ETag: 3e7f3be8-d704-478e-a9bf-fe8f0a929cf9
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK close_noborder_new.png
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/ 1 KB
2 KB 64ms
52ms Image
image/png 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/close_noborder_new.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 66b30e6b97266ccd17543c86892e605ec702a93f5038887b365a2581e27f71cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
version-id: d93844f2-a72f-45f8-9357-d37e28dc4d18
Content-MD5: VK4I0ztnClB9z79r3TlylA==
Connection: keep-alive
storage-tier: Standard
Content-Length: 1093
opc-meta-mtime: 1593722344
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:V3wwnhP1nEfz6gl6Ai8EDfntZI_QVyzGIhQd5jkPNzw-MZaC15mHtYV7sjN_yQlF
x-api-id: native
ETag: 5428a64a-e696-486f-a4b6-c652dbc7a4b9
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/ 9 KB
10 KB 396ms
396ms Image
image/jpeg 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/fc90a438-865c-4376-a668-af94b9e8f4bb/3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ebc4965cbc986464ffbe88f674f315aad59ffc8bc49f6de60c27d5dbc9e71d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:00 GMT
version-id: 6d3bb5c7-a162-47f7-84d5-e1ea7039530f
Content-MD5: f6L2AByFNJUmTVH7CimeGg==
Connection: keep-alive
storage-tier: Standard
Content-Length: 8990
opc-meta-mtime: 1593722344
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:Q1fAbQdhZGz29fuu0-I1G7qMc8NO0NqAWhSrntC3AktwF_XvA0H5KCF54NDl_H3p
x-api-id: native
ETag: 39fed27c-a8d8-41be-8079-9e90e3b6ef0e
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 params Show response
shop.pe/widget/main/init/ 888 B
776 B 123ms
122ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5ed5d4d0d5593058b1df916a&product=Ethel%20M%20Chocolates%3A%20Premium%20Specialty%20Chocolate%20Candy%20Gifts&product_url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510&image=https%3A%2F%2Fwww.ethelm.com%2Fresources%2Fimages%2FdefaultStoreImage.jpg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.ethelm.com%2Fvalentines-day-chocolates%2Fc%2F100510%3Futm_source%3Dbm23%26utm_medium%3Demail%26utm_term%3DImage%2B-%2BShop%2BOur%2BValentine%2527s%2BDay%2BGifts!%26utm_content%3D%253F%253F%2BStill%2BNeed%2Ba%2BLast%2BMinute%2BGift%3F%2B%253F%253F%26utm_campaign%3DV-Day%2BLate%2B-%2BWO%2B2-8-2021%26_bta_tid%3D42297571175476429256038354779433999407736054223996329893244435488534886440830364412156200941284530378501%26_bta_c%3Disgpq9xj98tq9farcedl7nixi7cnh&callback=AddShoppersWidget.load_widget&rand=68295&cookie=2%7C1%3A0%7C10%3A1614222060%7C15%3Aaddshoppers.com%7C44%3ANWMwZWU2NWY2NjliNDgzNGIzYmJlZDM5ZjgzODhlZjE%3D%7Cfc6c0b2321649ae8e5d5a0d3b8887802eda58c9f8691a05f5cf6fc6eee611c2d&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

5438f2a9118077c8dcabf2104ab696b249dfd07a0ae58646f23f66522de43c30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:01:00 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"5f87d303e8be483b79725fec795df232676dd39d"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 input.js Show response
shopper.shop.pe/ 23 KB
24 KB 28ms
8ms Script
text/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 02:08:03 GMT
age: 3177
x-guploader-uploadid: ABg5-UyIgIejL-LURAOme6vBHmr7NWlcVu9ekV7oWgE2YMAK0gtrNMO5wvjMP3biV_hOSYonpB24JOJ6jESx1lxD714
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 23672
last-modified: Wed, 27 Nov 2019 19:23:40 GMT
server: UploadServer
etag: "f960052c25dea0d4308c30fe905fc391"
x-goog-hash: crc32c=xBt02w==, md5=+WAFLCXeoNQwjDD+kF/DkQ==
x-goog-generation: 1574882620474968
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 23672
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 25 Feb 2021 03:08:03 GMT

GET
H/1.1 200
OK 3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/ 9 KB
10 KB 120ms
118ms Image
image/jpeg 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/3b8f69d4-d69d-4f06-8b6e-e535260bcfb3.jfif
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ebc4965cbc986464ffbe88f674f315aad59ffc8bc49f6de60c27d5dbc9e71d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:03 GMT
version-id: 6d59f3d0-ebde-4e46-8cf7-8be3263ed4bb
Content-MD5: f6L2AByFNJUmTVH7CimeGg==
Connection: keep-alive
storage-tier: Standard
Content-Length: 8990
opc-meta-mtime: 1593722343
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:jgIlZfI9Mg_R0Qn9dMYZE1dDPwph1wtldarZwMm6tTjVbTtM-Mk5Se7IsTwi1LeK
x-api-id: native
ETag: e3615947-a01d-42ee-845d-e42ee10e2b08
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK close_noborder_new.png
cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/ 1 KB
2 KB 15ms
13ms Image
image/png 2a02:26f0:7100:185::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/close_noborder_new.png
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:185::3a7c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 66b30e6b97266ccd17543c86892e605ec702a93f5038887b365a2581e27f71cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 03:01:03 GMT
version-id: 957d3fe1-74b1-481f-bb6c-a436e22dfc23
Content-MD5: VK4I0ztnClB9z79r3TlylA==
Connection: keep-alive
storage-tier: Standard
Content-Length: 1093
opc-meta-mtime: 1593722343
Last-Modified: Thu, 02 Jul 2020 20:39:32 GMT
opc-request-id: iad-1:eRpBI1glCIGL7KUoH4XgDyKOpUMSDODcrNUUmTOT9DbpRR8w_JNeDiQirUrgBWhQ
x-api-id: native
ETag: 45333aa2-f3d7-495f-a874-be618c913e3c
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-mtime,opc-request-id,storage-tier,version-id,x-api-id
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 materialdesignicons.min.css
cdn.materialdesignicons.com/1.7.22/css/ 71 KB
14 KB 94ms
28ms Stylesheet
text/css 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.materialdesignicons.com/1.7.22/css/materialdesignicons.min.css
Requested by: Host: cdn.bronto.com
URL: https://cdn.bronto.com/popup/fac7ae79-ff11-4dd4-a041-f493be512b8c/1e30f513-b552-444c-9643-8232305239d4/popup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 41ab457ae3c836437d26dfebf904c060b5b45c5efa85c7ebfb0966b4c8a9273a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:01:03 GMT
content-encoding: br
cdn-edgestorageid: 601, 617
access-control-allow-origin: *
cdn-cachedat: 2021-01-03 21:59:21
cdn-pullzone: 190968
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Sun, 28 Aug 2016 02:22:42 GMT
server: BunnyCDN-DE1-722
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=7776000
cdn-requestid: 6db834893b90e50f995eb098b242aa36
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sy.eu.angsrvr.com
URL: https://sy.eu.angsrvr.com/sync?type=host&dsp=13&dspuuid=6736529882512009979

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn-tp4.mozu.com/25786-39566/js/require-min.js?ver=1.3(Line 8) Message: Error: Mismatched anonymous define() module: [object Object] http://requirejs.org/docs/errors.html#mismatch
console-api	log	URL: https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js(Line 1) Message: isFomoEnabled(): Cannot read property 'getItem' of null
console-api	log	URL: https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null at Object.isFomoEnabled (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:20555) at Object.isFomoEnabled (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at Object.reinitiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:13773) at Object.reinitiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at Object.initiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:15545) at Object.initiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:12:8
console-api	log	URL: https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js(Line 1) Message: isFomoEnabled(): Cannot read property 'getItem' of null
console-api	log	URL: https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null at Object.isFomoEnabled (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:20555) at Object.isFomoEnabled (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at Object.reinitiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:13773) at Object.reinitiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at Object.initiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:15545) at Object.initiate (https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:1:34596) at https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js:12:8
console-api	log	URL: https://load.fomo.com/api/v1/VBDSf9KncqG4X-oQLSiZOw/load.js(Line 1) Message: Want to show off recent customer activity in real-time? Get started at https://fomo.com/developers.
console-api	log	URL: https://tags.tiqcdn.com/utag/mars/mlethelm/prod/utag.94.js?utv=201812131807(Line 4) Message: TypeError: Cannot read property 'textContent' of undefined
console-api	log	URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97(Line 17) Message: TypeError: Cannot read property 'removeItem' of null
console-api	log	URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97(Line 16) Message: TypeError: Cannot read property 'addshoppers_last_fallback' of null
console-api	log	URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=cd10f97(Line 319) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4498545.fls.doubleclick.net
a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
addstrap-ui.addshoppers.com
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
analytics.google.com
api.adrtx.net
assets.secure.checkout.visa.com
bat.bing.com
bcp.crwdcntrl.net
beacon.krxd.net
bm5150.com
c1.adform.net
cdn-tp4.mozu.com
cdn.bronto.com
cdn.cookielaw.org
cdn.materialdesignicons.com
ce.lijit.com
centro.pixel.ad
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
cookie-matching.mediarithmics.com
ct.pinterest.com
d3rr3d0n31t48m.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.adsrvr.org
jssdkcdn.mparticle.com
jssdkcdns.mparticle.com
load.fomo.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
p.linkstorm.net
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
script.crazyegg.com
secure.adnxs.com
secure.checkout.visa.com
shop.pe
shopper.shop.pe
simage2.pubmatic.com
snip.bronto.com
stats.g.doubleclick.net
sy.eu.angsrvr.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tags.srv.stackadapt.com
tags.tiqcdn.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.ethelm.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
sy.eu.angsrvr.com
104.108.41.56
104.111.218.85
104.111.242.245
104.18.25.161
104.19.209.81
104.75.88.209
108.128.254.60
13.225.78.117
142.250.185.166
142.250.185.226
143.204.90.40
143.204.90.58
172.217.18.98
18.133.35.94
18.156.0.31
18.159.182.76
18.184.39.197
18.198.69.109
18.202.184.10
185.33.221.11
185.33.221.14
185.59.220.199
185.64.190.80
199.187.193.193
2.18.233.201
2.18.234.21
2.18.234.233
216.152.140.212
216.27.63.18
216.46.185.182
216.52.2.48
23.79.129.43
2600:9000:211e:4200:10:13ca:c600:93a1
2606:4700:3031::6815:2430
2606:4700::6810:9540
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9c
2a00:1450:400c:c07::9b
2a02:26f0:6c00:280::3a7c
2a02:26f0:6c00:2bf::1a43
2a02:26f0:7100:185::3a7c
2a02:6ea0:c700::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42:9::84
3.121.27.153
3.123.78.164
34.120.207.148
34.233.235.75
35.190.16.14
35.190.54.17
35.190.71.216
35.227.244.1
35.227.248.159
35.244.159.8
37.157.4.23
37.157.4.29
37.157.5.73
37.157.6.251
46.19.11.36
51.210.112.236
51.77.188.223
51.77.65.176
52.218.89.195
52.28.254.214
52.48.18.249
52.49.114.167
52.57.47.211
52.58.57.174
54.208.188.153
54.36.109.155
54.78.254.47
54.83.11.155
65.9.65.116
66.155.71.149
69.173.144.165
77.243.60.138
78.46.100.125
80.82.217.102
80.82.217.94
85.114.159.118
85.90.245.27
99.80.128.92
013b002b7b2bc0d5e5132c136d05a6c301f4d0f8a50575cf8d242d66311b5698
0322965d934a563e58cb4a5ec54b4d265044ef0380fa14955da9922b42ee6cc1
043c2afa7e325672beb1c381004e5f5b374884430035a478d86a1633fda234e9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111cd17aaacdfe804e3611a078fc21c792361734ae6f17b9d105e922c7d924c6
14d6a98bf46480824b8d4e6a76ee11ebe1b8e912459c9cf850b06ccc7e37781e
171572d870c12e786855edc42fc6e298060fb7e1b24821ffc0126ea91f713f2d
1739068947a0d7fda805cc8d518210a6add21fdc7ac7f3fc2d9b30809483cfea
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
1c3d70f4682f76c677f6814ad45f3154fd545981e794c62dc675ed4213f9842d
1e256dcad6da5694446db772bf8ce47ea5f990914a7179b0536e58d8ba776953
281093e49105c8fd0c79a0c99129dd106a3f3abc9f18f4c1ea15affd4362aa29
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb83999c91e4dc6f68f81a80f15c9d3d34657d48af8dad6474b9ede9ad7ae62
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
3499f7bb904d28be1e285f4c1977ccf937b71afee79539180e2d780613bcc47f
35ae909bb0d19b6cfee5e7c494635f41b2dce060fedd961b556334d01654bea6
36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3ecefc031b113de38c459113bce0a72d19e599b78d47072482cdee0589db6730
3f820560cb03adddb6d6d172282327049b828288a55da24cfe1f684d76f22d93
41ab457ae3c836437d26dfebf904c060b5b45c5efa85c7ebfb0966b4c8a9273a
420c9b11e40dcd6cf25246d1bc95deda6434ab59a0d744a31f6c40c0ab79c8bb
46d51d43c6371ee5b59a191c8f9ab00f006489d9e9a1dc7d9ce6042dc2aed8b4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eabe109dc51cd887174ebb8c6a8520b79addf0abe591d79a1cdd6e8e73f9f71
4ef166ef724f3bb6525eb62db7091f170d9d3aa8440a9807548d84425781baf4
4fb3536e720a4c55e2621100e31fc1bf29fdc91161ad54e2cb00bc6c9752e146
5438f2a9118077c8dcabf2104ab696b249dfd07a0ae58646f23f66522de43c30
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b796c2b0c4fc63cff2c619aec1e3107e9d0895c89fb813c01bef6ffc10ddc8
587cefe3704817677250ee21e9ceec2c8a4724843f9e4c76e77adc885b82776e
5a73b2cf5e82c5ed80f04c67471802c408af1d25daac24bf429746e32a312d0b
5add12e703b09d4f28468fc8f28fd04cf050a38e53de98cec5b6b648416521cf
5c27ebe2d2edcf50e6b104effe3e18883b2cf0cfa18cfc9af35f67170a8caa8d
5d623e4a53083776b9ddd39e49f9ed10e020c89e7379daf1de4c0d08796a8fd0
5dce3034b9ca3117cb496ad37959cae75a724459d13a38e0b5984c935de9b67f
602dd0fa04cbd2f8d58316e5da3201485727569b77e7f2b17035970ef2344a57
6143e5672339fa881514921c72873f2eebddd1861a1541ce8219f880e6c5a3cb
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
65e0198e2d2df443a18f8df1510a7dffbf2b52fcd799a9a57286bafae870f054
66385274194e3aa5027c8240b46cbdd00873cdf879bf0c7d9b84024e1f08c3d4
66b30e6b97266ccd17543c86892e605ec702a93f5038887b365a2581e27f71cc
6852672ccdb551c48baf465fe270f3450c216db43b1761d27ae3f996bab0031e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eb5299c637f91f42fa5bc1b3f26dc661e10666ab5e3e145a385eaf91d8330ee
72f9dd6d7c06d61df4a06dfbc564961053ac25ff27a8afbee250ce4299faacf7
76bd2560fb649514227dcee6e619f5c978005941f6f34130cbf3d465339ffe5f
79a9b4910601d5e427725131967a9047e21e1e7c8972b7542d7e2c7c2ce91b4d
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863508154ae4349d2ccb858d377f0605671ee570ce028cb7095f5351cf68946c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
924335341d51f3834be55bfd44cde93a6dd858fdcd83e9dc6ec4b4555b676b1a
9782e0ffac80bc4d708ad4cc86a9c94fdd3776003ef57591dad580f5c0f73bd5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e1340437a29d8af960429df172ea9a21c3ab3372853112b097650245bf6d5a8
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ebc4965cbc986464ffbe88f674f315aad59ffc8bc49f6de60c27d5dbc9e71d7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a0b71f35474b96fe7c0741214acbd963246765f87f5cda72c9b7d7de3a334528
a1b60f1a67a4fc1319058395b1d2e8ea0a57cdc685311da8e0d1fc45fd4baa57
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b490544f1db32b7bea1a8e65e851746a5867832c77c82f4bee7da551797dda34
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd6dca96b2eb7e15e62244b61330f0930949f65771c85e4f501527646d4b3140
be59390def24db2d317fc2445e80672f05302755d822266ccee79e0c8e23b627
c0f0c0fa7c3f3f270e7cf5503b5030fe4de9b75ddf0f7825bc52acb163e23c87
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c59503a89a2631de8b5aa2285172b28a162c2dc634d880c415f44dd55ead84cd
c5dda7e7debe204e2df6e53689301c930ba43c8fb42b2a746fd41625b61ea9fb
c7cabf6ba65fecc026f1ab87ad17bb849dc891355faf688afb98d39780b112c3
cab6fe23e3bf3dd83f96c46c651af5b3524ddb7c0b0cae04090a12c7301ec351
cd7ac76cbc4b3b99ce10fd5a8d26025ec1c1f46121c558bd9fe1dfd5467da3e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7bb0c9971bcb144a6b7dae3938bb56b4c36565fe3c123401f0b27f06788af3a
d8665066d8837c9c4e576ebf5471d2ec61eadd22e720805680623b34996a858d
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbf9d1b9a68c8bf06c1c08a47e4ba6c79dffe785769af12263de31f7085f9d71
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
ddf96f89cbd83438b54feaa5109c0b4fffb2e5de9e8c608f967896c3a102230d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b798730d0cf82733e6ed9d9c805b58d35f8f4bab9457553279987846737c77
e77d1b1272364167fe748fd36456771f894ded3ae8550ea4475516412bee0a8d
e93193ef60dfbe57b41ad5a56f94f177ecaf7d484e0f5b7672184527a414bea4
ec2592134f88f66499193631042ddecb8bac27ed4e52f9a0890c4fbfd61eee41
ec720982dda033c342f03cee7a9a7d08968faa5436708f656f6091e6f29d283c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee912e43152f8ee7705f258a85bdbeb9c1d62c388fde4969feee3ffd00a6ae84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26538c23fa8a0813abbcc1738cd17fa75e46ff993e7e3eccfd3a3a4ce8cf4cf
f3e4ff76f16b7e0d98a93eba5d15316f7bac1d5d2a91457082bba1b3b910e23e
fd3c303863cc0ac69f97e37371e2d0726840127b001c63faded19d97240a0913
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.ethelm.com Open in urlscan Pro 54.83.11.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

99 %HTTPS

29 %IPv6

78 Domains

98 Subdomains

74 IPs

10 Countries

1994 kBTransfer

5739 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.ethelm.com Open in urlscan Pro
54.83.11.155 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

99 %
HTTPS

29 %
IPv6

78
Domains

98
Subdomains

74
IPs

10
Countries

1994 kB
Transfer

5739 kB
Size

0
Cookies

160 HTTP transactions
1 data transactions