www.gemafina.com Open in urlscan Pro
104.17.32.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.e.ykso.co/c2/1126:5fd904d22b74597c3c65b39b:rm202103161630:5f847dd233cce51c4a2cca13:1/6334ebca?jwtH=eyJ0eXA...
Effective URL:
https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal...
Submission: On March 22 via manual (March 22nd 2021, 6:40:30 pm UTC) from US

Summary HTTP 117 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 26 domains to perform 117 HTTP transactions. The main IP is 104.17.32.74, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gemafina.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2020. Valid for: a year.

This is the only time www.gemafina.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:497f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.32.74 104.17.32.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	104.17.77.75 104.17.77.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.162.144.38 35.162.144.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
2	176.34.134.163 176.34.134.163	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.67.86 65.9.67.86	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:1200:1c:eade:2240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	52.33.65.38 52.33.65.38	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
5	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	52.28.108.245 52.28.108.245	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
117	37

1 2606:4700::6812:497f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

e.e.ykso.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.32.74 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gemafina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.17.77.75 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.ykso.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.144.38 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-144-38.us-west-2.compute.amazonaws.com

widget.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.134.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-134-163.eu-west-1.compute.amazonaws.com

js.logentries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.86 (United States)

ASN16509 (AMAZON-02, US)

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:1200:1c:eade:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)

tracking.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.65.38 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-65-38.us-west-2.compute.amazonaws.com

geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.127.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-127-66.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.108.245 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-108-245.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.20 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	ykso.co 1 redirects e.e.ykso.co cdn1.ykso.co	435 KB
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	289 KB
17	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	57 KB
6	gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	136 KB
5	google.com 2 redirects www.google.com adservice.google.com	1020 B
5	google-analytics.com www.google-analytics.com	40 KB
5	sezzle.com widget.sezzle.com tracking.sezzle.com geoip.sezzle.com	37 KB
3	googletagservices.com www.googletagservices.com	99 KB
3	facebook.com www.facebook.com	729 B
3	facebook.net connect.facebook.net	98 KB
3	google.de www.google.de adservice.google.de	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	nr-data.net bam-cell.nr-data.net	1 KB
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	14 KB
2	bing.com bat.bing.com	9 KB
2	logentries.com js.logentries.com	404 B
2	gemafina.com www.gemafina.com	27 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	303 B
1	innovid.com ag.innovid.com	296 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects d.agkn.com	663 B
1	everesttech.net 1 redirects pixel.everesttech.net	374 B
1	quantserve.com cms.quantserve.com	463 B
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	22 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
117	26

	Domain	Requested by
28	cdn1.ykso.co	www.gemafina.com cdn1.ykso.co
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.gemafina.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gemafina.com googleads.g.doubleclick.net
4	www.google.com	2 redirects www.gemafina.com
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.facebook.com	connect.facebook.net
3	connect.facebook.net	www.gemafina.com connect.facebook.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	bam-cell.nr-data.net	js-agent.newrelic.com www.gemafina.com
2	tracking.sezzle.com	widget.sezzle.com tracking.sezzle.com
2	bat.bing.com	www.googletagmanager.com
2	www.google.de	www.gemafina.com
2	js.logentries.com	www.gemafina.com
2	widget.sezzle.com	www.gemafina.com widget.sezzle.com
2	www.gemafina.com	www.gemafina.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	geoip.sezzle.com	www.gemafina.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	js-agent.newrelic.com	www.gemafina.com
1	stats.g.doubleclick.net	www.gemafina.com
1	www.googletagmanager.com	www.gemafina.com
1	e.e.ykso.co	1 redirects
117	37

This site contains links to these domains. Also see Links.

Domain
www.morecommerce.com
support.opensky.com
gemafina-support.zendesk.com
twitter.com
facebook.com
pinterest.com
www.opensky.com
www.dotandbo.com
www.storenvy.com
www.11main.com

Subject Issuer	Validity	Valid
gemafina.com Cloudflare Inc ECC CA-3	`2020-10-07` - `2021-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh
widget.sezzle.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
eu.logentries.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-11` - `2021-05-07`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tracking.sezzle.com Amazon	`2020-10-18` - `2021-11-17`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
geoip.sezzle.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Frame ID: 2C02981C74447E86E2B379770500461C
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 62B782933833B718DD43E2E24A21CA7C
Requests: 1 HTTP requests in this frame

Frame: https://tracking.sezzle.com/
Frame ID: 48ADA482738C69FD53D2B0EC8045ED30
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&adk=1812271804&adf=3025194257&lmt=1616438412&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&ea=0&flash=0&pra=5&wgl=1&dt=1616438412441&bpp=15&bdt=1201&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4103805947432&frm=20&pv=2&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119
Frame ID: D7722D9F948EB69ACAF125D7CE232D3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116
Frame ID: C6B336C61EE5416D1D7C10D682E5133E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
Frame ID: 5D634EC5D782D4AC08AAB0CF122429F8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CB20726C7E114DBA604C7C471CA4CC71
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 86F63126F3B9F37668ED8417C25822BF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F19C8672F8934B9C60C8161F261BC63
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 183382AC6641AC166A5B8F2BB6655212
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F9443CEC09F850C29FBDF8ECC308C6D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: A5F382FED43E5A4138BF174283339084
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.e.ykso.co/c2/1126:5fd904d22b74597c3c65b39b:rm202103161630:5f847dd233cce51c4a2cca13:1/6... HTTP 302
https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarov... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

117
Requests

98 %
HTTPS

61 %
IPv6

26
Domains

37
Subdomains

37
IPs

6
Countries

1323 kB
Transfer

3666 kB
Size

8
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.morecommerce.com/sites/gemafina?osky_source=gemafina&osky_medium=referral&osky_campaign=mmn_ooreferral_gemafina
Title: Become a Seller on Gemafina - Today! ›

Search URL Search Domain Scan URL

URL: https://support.opensky.com/hc/en-us/articles/360039905651
Title: Return Policy

Search URL Search Domain Scan URL

URL: https://www.morecommerce.com/sites/gemafina?osky_source=opensky&osky_medium=referral&osky_campaign=mmn_ooreferral_opensky
Title: Become a Seller on Gemafina

Search URL Search Domain Scan URL

URL: https://gemafina-support.zendesk.com/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://gemafina-support.zendesk.com/hc/en-us/articles/360043251052-Shipping-Policy-
Title: Shipping Policy

Search URL Search Domain Scan URL

URL: https://gemafina-support.zendesk.com/hc/en-us/articles/360043251252-What-is-the-return-and-refund-policy-
Title: Returns & Refunds

Search URL Search Domain Scan URL

URL: http://twitter.com/gemafina
Title:

Search URL Search Domain Scan URL

URL: http://facebook.com/gemafina
Title:

Search URL Search Domain Scan URL

URL: http://pinterest.com/gemafina
Title:

Search URL Search Domain Scan URL

URL: https://www.opensky.com/
Title: Shop new discoveries and deals everyday

Search URL Search Domain Scan URL

URL: https://www.dotandbo.com/
Title: Inspired design for the modern lifestyle

Search URL Search Domain Scan URL

URL: https://www.storenvy.com/
Title: Inspired goods from authentic brands

Search URL Search Domain Scan URL

URL: https://www.11main.com/
Title: Daily deals on fashion and accessories

Search URL Search Domain Scan URL

URL: https://www.morecommerce.com/?utm_source=opensky&utm_medium=marketplaces&utm_campaign=poweredby_footerlink&utm_content=cordialpromotional

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.e.ykso.co/c2/1126:5fd904d22b74597c3c65b39b:rm202103161630:5f847dd233cce51c4a2cca13:1/6334ebca?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2MTU5MTI0NzksImNkIjoiLmUueWtzby5jbyIsImNlIjo4NjQwMCwidGsiOiJtb3JlY29tbWVyY2UiLCJtdGxJRCI6IjYwNTBkZGI0NzI5MTcxMTk4MTA2YmRlOCIsImxpbmtVcmwiOiJodHRwczpcL1wvd3d3LmdlbWFmaW5hLmNvbVwveWVpZGlkLWludGVybmF0aW9uYWxcL3Byb2R1Y3RcL2JyYXNlNTktMThrdC13aGl0ZS1nb2xkLXBsYXRlZC1ncmFkdWF0ZWQtc3dhcm92c2tpLWVsZW1lbnRzLWNyeXN0YWwtbGV2ZXJiYWNrLWVhcnJpbmdzP3V0bV9zb3VyY2U9Y29yZGlhbCZsb2dpblVzZXJJZEtleT1jRkZsWVZaUFYzaFBkekYxYzFaSGQyZG5kVGg2YWs4ME1EZEZXbWRhWkUxdFJubFliazlZZWs4d05EMD0mbWF4X2Rpc2NvdW50PTEmZ2VtZl9jYW1wYWlnbj1HZW1hZmluYV9fRE9URF9fRGFpbHkmdXRtX2NhbXBhaWduPUdlbWFmaW5hX19ET1REX19EYWlseSZ1dG1fbWVkaXVtPXByb21vdGlvbmFsIn0&jwtS=mRgGGVmAdQj444KR-M9MFD6v1SZba9NH9lZM-FhhfLc HTTP 302
https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6dt5ApJ1AR4CXaUCROhQtE2VT1R02yGhEu73I_O4kDLeh1TZDk2WKm-bw&google_gid=CAESEJqpxGPNfEicHbcdthvKDOo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZqa2pRQUFBSWR0ZmlIWg&google_push=AQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6dt5ApJ1AR4CXaUCROhQtE2VT1R02yGhEu73I_O4kDLeh1TZDk2WKm-bw

Request Chain 87

https://d.agkn.com/pixel/2175/?google_gid=CAESECsgwMRMAvgCySeCClpStmg&google_cver=1&google_push=AQvitUIpV847VEW_hTmU63GhSmWSOfLO_o2QWERc-mPHuv6U1PbLERvBiDwInFmHhieXWo2yyvdZ-a7_R5a_Dc-D_L3TGi8qkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VDc2d3TVJNQXZnQ3lTZUNDbHBTdG1n

Request Chain 88

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKfGMmc8G_mbgeV1xfiwsydOoNYZkIx1FK8JJvJDzKdKNC15IikF1Vce_9fbt7nLa7DlfBjejWTAMjtIiTK2bCr5N-wjg&google_gid=CAESEAiAKixfrOxYs7gzeYsPzxo&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI3J44IGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BUXZpdFVLZkdNbWM4R19tYmdlVjF4Zml3c3lkT29OWVprSXgxRks4Skp2SkR6S2RLTkMxNUlpa0YxVmNlXzlmYnQ3bkxhN0RsZkJqZWpXVEFNanRJaVRLMmJDcjVOLXdqZw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVGVWNHRodTBqeUw1QzRpYXYxTTNUQVFRSmNhVF94YkcxQWlHWUxmaU5kWQ==&google_push

Request Chain 91

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELaT6q-NLfW2zhTIOwjEU_A&google_cver=1&google_push=AQvitUJ7OhJAM1GHdhTl87ndLBpt6Ce-Xm-FG-OEYdpFPOFgMsAMPNC8ugUJrSz22R74tg_N5yqpKaF2X6SebeCu56trB9F23Bk HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ7OhJAM1GHdhTl87ndLBpt6Ce-Xm-FG-OEYdpFPOFgMsAMPNC8ugUJrSz22R74tg_N5yqpKaF2X6SebeCu56trB9F23Bk&google_hm=

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

117 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings Show response
www.gemafina.com/yeidid-international/product/
Redirect Chain

https://e.e.ykso.co/c2/1126:5fd904d22b74597c3c65b39b:rm202103161630:5f847dd233cce51c4a2cca13:1/6334ebca?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2MTU5MTI0NzksImNkIjoiLmUueWtzby5jby...
https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2...

100 KB
26 KB

684ms
623ms

Document
text/html

104.17.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: a9909a7c4dd4438756e4b4be26995edb66c619cce1735121d658a388e765e56d

Request headers

:method: GET
:authority: www.gemafina.com
:scheme: https
:path: /yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d80d98e4086c40ea7865e22f4dcbe685f1616438410; expires=Wed, 21-Apr-21 18:40:10 GMT; path=/; domain=.gemafina.com; HttpOnly; SameSite=Lax; Secure session=5iki99hb5u443vipdipknddham; path=/; HttpOnly attrSessId=6058e48b9218c60ac136e6e9; path=/; httponly
cf-ray: 63418c026e72c863-AMS
age: 0
cache-control: max-age=0, must-revalidate, private
vary: User-Agent, Accept-Encoding
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: DYNAMIC
cf-request-id: 08fcd5d57d0000c8630d026000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-mc-log-action: sellable_view
x-mc-log-context: 569e83f44c3d6fd17d8b4b92
x-mc-log-session: eff8fdb82b6a7ba1840bec0c62ea9d7c
x-mc-log-user: 5863fa4f485e6b10cf62fd8d
x-opensky-requestid: 6058e48b9218c60ac136e6e8
x-opensky-site-slug: gemafina
x-osky-p-node: devo-prod-web15.ali-a.osky.io
x-osky-w-node: devo-prod-web15.ali-a.osky.io
x-powered-by: PHP/7.3.11
x-varnish: 520258094
server: cloudflare
content-encoding: gzip

Redirect headers

date: Mon, 22 Mar 2021 18:40:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2fecedbac1d13f57c36f59812648b55a1616438410; expires=Wed, 21-Apr-21 18:40:10 GMT; path=/; domain=.e.e.ykso.co; HttpOnly; SameSite=Lax; Secure 1126_contactID=5f847dd233cce51c4a2cca13; expires=Tue, 23-Mar-2021 18:40:10 GMT; Max-Age=86400; path=/; domain=.e.ykso.co; secure; samesite=none 1126_msID=1126%3A5fd904d22b74597c3c65b39b%3Arm202103161630; expires=Tue, 23-Mar-2021 18:40:10 GMT; Max-Age=86400; path=/; domain=.e.ykso.co; secure; samesite=none 1126_mcID=1126%3A5fd904d22b74597c3c65b39b%3Arm202103161630%3A5f847dd233cce51c4a2cca13%3A1; expires=Tue, 23-Mar-2021 18:40:10 GMT; Max-Age=86400; path=/; domain=.e.ykso.co; secure; samesite=none 1126_linkID=6050ddb4729171198106bde8; expires=Tue, 23-Mar-2021 18:40:10 GMT; Max-Age=86400; path=/; domain=.e.ykso.co; secure; samesite=none v2_morecommerce=%7B%22linkID%22%3A%226050ddb4729171198106bde8%22%2C%22mcID%22%3A%221126%3A5fd904d22b74597c3c65b39b%3Arm202103161630%3A5f847dd233cce51c4a2cca13%3A1%22%2C%22accountID%22%3A%221126%22%2C%22msID%22%3A%221126%3A5fd904d22b74597c3c65b39b%3Arm202103161630%22%2C%22cID%22%3A%225f847dd233cce51c4a2cca13%22%7D; expires=Tue, 23-Mar-2021 18:40:10 GMT; Max-Age=86400; path=/; domain=.e.ykso.co; secure; samesite=none
cache-control: no-cache, private
location: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f7d64d53c6853a2b0f93bf90c9aafca7
cf-cache-status: DYNAMIC
cf-request-id: 08fcd5d4730000d729ef96f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63418c00b979d729-FRA

GET
H2 200 generous.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/e8ad253/1537555190/ 19 KB
20 KB 618ms
570ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/e8ad253/1537555190/generous.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: a26ac93994296f80e2265b345403a4eaf4a9d8c691f9827c07bddad96e26f22c

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=29770
x-opensky-requestid: 605756eab3489a17e65b4176
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="generous.webp"
content-length: 19512
cf-request-id: 08fcd5d83200009c3fc10a6000000001
x-osky-p-node: devo-prod-web12.ali-a.osky.io
x-mc-log-session: 272ad722a2141d57b11036bda70f1200
last-modified: Fri, 21 Sep 2018 18:39:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 316573929
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478144
x-osky-w-node: devo-prod-web12.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c06b9839c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 fonts-desktop-55596a7.css
cdn1.ykso.co/dist/css/packed/main/ 511 B
338 B 106ms
67ms Stylesheet
text/css 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/dist/css/packed/main/fonts-desktop-55596a7.css
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0861357152ff93697353666c5b66ff3eef48ab6bd56d24d71b6b3d22300d70e7

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 141
x-osky-w-node: devo-prod-web13.ali-a.osky.io
content-encoding: gzip
cf-request-id: 08fcd5d82f00009c3fcfb86000000001
x-varnish: 57999625
last-modified: Fri, 19 Mar 2021 14:59:21 GMT
server: cloudflare
etag: W/"6054bc49-1ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 63418c06b97c9c3f-AMS
expires: Tue, 22 Mar 2022 18:40:11 GMT

GET
H2 200 opensky-3423720.css
cdn1.ykso.co/dist/css/packed/main/ 285 KB
48 KB 78ms
39ms Stylesheet
text/css 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/dist/css/packed/main/opensky-3423720.css
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bc688e6107076fc088e8440254cb994c0d51a5f4638aeebe4862afdf452f20a

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6437
x-osky-w-node: devo-prod-web17.ali-a.osky.io
cf-request-id: 08fcd5d83100009c3fe686a000000001
x-varnish: 111313458
last-modified: Fri, 19 Mar 2021 14:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=31536000
cf-ray: 63418c06b97e9c3f-AMS
expires: Tue, 22 Mar 2022 18:40:11 GMT

GET
H2 200 sites-31e5f3e.css
cdn1.ykso.co/dist/css/packed/main/sites/ 16 KB
3 KB 105ms
66ms Stylesheet
text/css 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/dist/css/packed/main/sites/sites-31e5f3e.css
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa501d47dfaa358b703a25bfc8afa7d4c27ed88d5cf7a704dfe2d386ec5325e

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6991
x-osky-w-node: devo-prod-web15.ali-a.osky.io
cf-request-id: 08fcd5d83100009c3fd61e1000000001
x-varnish: 58754554
last-modified: Fri, 19 Mar 2021 14:59:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=31536000
cf-ray: 63418c06b9809c3f-AMS
expires: Tue, 22 Mar 2022 18:40:11 GMT

GET
H2 200 5a985040fa08eb1e702a9058-1609942478.css
cdn1.ykso.co/asset/site/ 314 B
463 B 123ms
84ms Stylesheet
text/css 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/asset/site/5a985040fa08eb1e702a9058-1609942478.css
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: cad827e249e99ce48c3883ffcc3dc14dbc294603927f6640cea4c6336f0f3417

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 428596
x-opensky-requestid: 60525a57aab90b554f7631f5
x-powered-by: PHP/7.3.11
cf-ray: 63418c06b9819c3f-AMS
cf-request-id: 08fcd5d83100009c3fe707a000000001
x-osky-p-node: devo-prod-web15.ali-a.osky.io
x-mc-log-session: f13df0668efdd3a591892e4c3ee5b210
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 946669807
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=31536000
x-osky-w-node: devo-prod-web15.ali-a.osky.io
content-type: text/css; charset=UTF-8
expires: Tue, 22 Mar 2022 18:40:11 GMT

GET
H2 200 gemafina-2340e43.css
cdn1.ykso.co/dist/css/packed/main/sites/ 16 KB
4 KB 509ms
470ms Stylesheet
text/css 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/dist/css/packed/main/sites/gemafina-2340e43.css
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147b9c6de118749d09d48577aaa43b44e5076622b27ccef2643907306b75ee9f

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Mar 2021 14:59:21 GMT
server: cloudflare
x-osky-w-node: devo-prod-web12.ali-a.osky.io
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=31536000
x-varnish: 134709332
cf-ray: 63418c06b9829c3f-AMS
cf-request-id: 08fcd5d83200009c3fe2bc2000000001
expires: Tue, 22 Mar 2022 18:40:11 GMT

GET
H2 200 roboto.woff
cdn1.ykso.co/fonts/roboto/ 19 KB
20 KB 189ms
150ms Font
application/font-woff 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/fonts/roboto/roboto.woff
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

Request headers

Origin: https://www.gemafina.com
Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 5188010
content-encoding: gzip
cf-request-id: 08fcd5d8310000fa444627c000000001
x-varnish: 771392027
last-modified: Wed, 21 Oct 2020 07:52:01 GMT
server: cloudflare
etag: W/"5f8fe8a1-4d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c06bc36fa44-AMS
expires: Thu, 20 Mar 2031 18:40:11 GMT

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/gemafina/ 6 KB
2 KB 74ms
71ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/gemafina/logo.svg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea76c871e22a5d22d241a6655766887dab48d613c2f7a1e4808f9f2665b162c

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 5188010
content-encoding: gzip
cf-request-id: 08fcd5da0f00009c3fd39ea000000001
x-varnish: 771064647
last-modified: Wed, 21 Oct 2020 07:52:01 GMT
server: cloudflare
etag: W/"5f8fe8a1-18fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c09ab639c3f-AMS
expires: Thu, 20 Mar 2031 18:40:11 GMT

GET
H2 200 starseller-2019.png
cdn1.ykso.co/img/starseller-badges/ 3 KB
3 KB 55ms
52ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/starseller-badges/starseller-2019.png
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0ccdfeb27fe7b6fc022f02f464c9a1bf08ca24ea0ae5a0ab7f0c9c2e7513d2

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 60981
cf-polished: origFmt=png, origSize=5047
content-type: image/webp
content-disposition: inline; filename="starseller-2019.webp"
content-length: 3060
cf-request-id: 08fcd5da1500009c3fd6205000000001
last-modified: Wed, 21 Oct 2020 07:52:02 GMT
server: cloudflare
etag: "5f8fe8a2-13b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 378536657
access-control-allow-origin: *
expires: Thu, 20 Mar 2031 18:40:11 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 63418c09ab649c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 placeholder.jpg
cdn1.ykso.co/img/ 44 B
281 B 74ms
72ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/placeholder.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 4049189
cf-polished: qual=85, origFmt=jpeg, origSize=1107
content-type: image/webp
content-disposition: inline; filename="placeholder.webp"
content-length: 44
cf-request-id: 08fcd5da1000009c3fcc173000000001
last-modified: Wed, 21 Oct 2020 07:52:01 GMT
server: cloudflare
etag: "5f8fe8a1-453"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 586973538
access-control-allow-origin: *
expires: Thu, 20 Mar 2031 18:40:11 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 63418c09ab669c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/e8ad253/1537555190/ 720 B
1006 B 515ms
512ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/e8ad253/1537555190/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 593bd59056d04585a5263c91f11d2440793d46030d13fed50434890219748bc8

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=1390
x-opensky-requestid: 605756eab90c884c52459622
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="thumb.webp"
content-length: 720
cf-request-id: 08fcd5da1400009c3fe6889000000001
x-osky-p-node: devo-prod-web14.ali-a.osky.io
x-mc-log-session: d286730b0897682216824f3882edf9a4
last-modified: Fri, 21 Sep 2018 18:39:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 317227887
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web14.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c09ab679c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/215e27e/1497299063/ 742 B
1 KB 560ms
558ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/215e27e/1497299063/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 3c40e0d562c6450fc212b78cdcf66c4bf65fb48c5c2f3c37c6773c7376d17dca

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=1427
x-opensky-requestid: 605756ea94b721695d565a09
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="thumb.webp"
content-length: 742
cf-request-id: 08fcd5da1000009c3fde85f000000001
x-osky-p-node: devo-prod-web12.ali-a.osky.io
x-mc-log-session: 218c21f0fba9344056e3ccf98f5e007c
last-modified: Mon, 12 Jun 2017 20:24:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 367002500
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web12.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c09ab689c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/6bcd757/1483473837/ 498 B
852 B 550ms
548ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/6bcd757/1483473837/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 41896ea2af8eae633c1905b7ff8dfa67636a31358b25661ebb52a06e5cc335ce

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=1094
x-opensky-requestid: 605756ea32a5470e934e4607
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="thumb.webp"
content-length: 498
cf-request-id: 08fcd5da1100009c3fc92f1000000001
x-osky-p-node: devo-prod-web14.ali-a.osky.io
x-mc-log-session: 501d2354b37ffd6d12e7c79af8f1f2bd
last-modified: Tue, 03 Jan 2017 20:03:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 313496307
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web14.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c09ab699c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/8e4c490/1496691555/ 1 KB
1 KB 564ms
562ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/8e4c490/1496691555/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 01a15e43f1530a3144d771a1b75725b5c6237f83ea836bbf290c4238c012cba3

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=1732
x-opensky-requestid: 605756ea3849dc170911e218
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="thumb.webp"
content-length: 1132
cf-request-id: 08fcd5da1100009c3fb703e000000001
x-osky-p-node: devo-prod-web16.ali-a.osky.io
x-mc-log-session: 62f7077059f588de0768b59e6b24fcf8
last-modified: Mon, 05 Jun 2017 19:39:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 316310936
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web16.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c09ab6a9c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/be714c3/1497299119/ 1 KB
1 KB 581ms
579ms Image
image/jpeg 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/be714c3/1497299119/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 6eff32b57053e116c5bccf8ca9dd58da9e5ee424770268e0053178fa0f7b9214

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
x-opensky-requestid: 6058e48c53280c007c59cfa0
x-powered-by: PHP/7.3.11
cf-ray: 63418c09ab6b9c3f-AMS
content-length: 1199
cf-request-id: 08fcd5da1e00009c3fc380b000000001
x-osky-p-node: devo-prod-web12.ali-a.osky.io
x-mc-log-session: e4f37e2d5783fef85d5aeb3dafa0a134
last-modified: Mon, 12 Jun 2017 20:25:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 475070480
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web12.ali-a.osky.io
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb.jpg
cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/4c6c4c2/1534519900/ 874 B
1 KB 543ms
541ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings/images/4c6c4c2/1534519900/thumb.jpg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: ebc2ec385d0435cf0f9ecdbd467e094ed588a3c52d224f2a354bddf4fc97c875

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=1493
x-opensky-requestid: 605756ea3b9eea49f63ce2c1
x-powered-by: PHP/7.3.11
content-type: image/webp
content-disposition: inline; filename="thumb.webp"
content-length: 874
cf-request-id: 08fcd5da1b00009c3fe9b80000000001
x-osky-p-node: devo-prod-web11.ali-a.osky.io
x-mc-log-session: 17a22ab5c115f02395b2cfd1fb2a7771
last-modified: Fri, 17 Aug 2018 15:31:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 365987521
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478143
x-osky-w-node: devo-prod-web11.ali-a.osky.io
accept-ranges: bytes
cf-ray: 63418c09cb769c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 price-widget Show response
widget.sezzle.com/v1/javascript/ 1017 B
1 KB 573ms
185ms Script
text/javascript 35.162.144.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/javascript/price-widget?uuid=8a1f70be-a583-4f4a-b763-241fd9481961

Requested by

Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.162.144.38 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-144-38.us-west-2.compute.amazonaws.com

Software

Resource Hash

575b13e32dfc766b8888610c7970780c0b41c2e8b52564108e773af1c84f9fc3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript
cache-control: private,max-age=900
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 523
x-xss-protection: 1; mode=block;

GET
H2 200 credit-card-logos.png
cdn1.ykso.co/img/ 10 KB
10 KB 56ms
55ms Image
image/png 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/credit-card-logos.png
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fbba9b29e03bc95f82c719ccd3cd621b1557957be5ede1af60593879fa56d3

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 11546059
cf-polished: status=cannot_optimize
content-type: image/png
content-length: 9965
cf-request-id: 08fcd5da1c00009c3fde860000000001
last-modified: Tue, 14 Apr 2020 11:55:39 GMT
server: cloudflare
etag: "5e95a4bb-26ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 185795255
access-control-allow-origin: *
expires: Thu, 20 Mar 2031 18:40:11 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 63418c09cb779c3f-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 5f522ea30782481a4a4f7b0b.png
cdn1.ykso.co/image/cdn_image/ 19 KB
19 KB 57ms
56ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/image/cdn_image/5f522ea30782481a4a4f7b0b.png?publicId=a05871e&filterName=original&cacheBuster=1467148600
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 9bb0909bb5cd0ea049d7921eab7aafd9b83f9b3ea304c74724d1725bfe26dc1e

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=34853
age: 34127
x-opensky-requestid: 602dbeab25717721960a7d34
x-powered-by: PHP/7.3.11
cf-ray: 63418c09cb789c3f-AMS
content-disposition: inline; filename="5f522ea30782481a4a4f7b0b.webp"
content-length: 19302
cf-request-id: 08fcd5da1b00009c3fdbb62000000001
x-osky-p-node: devo-prod-web15.ali-a.osky.io
x-mc-log-session: 0fc8348c536d07559a7a8d482fd66ce2
last-modified: Fri, 04 Sep 2020 12:10:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 322571781
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478144
x-osky-w-node: devo-prod-web15.ali-a.osky.io
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 5f522f76b2032561dc4812e4.png
cdn1.ykso.co/image/cdn_image/ 8 KB
8 KB 72ms
70ms Image
image/webp 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/image/cdn_image/5f522f76b2032561dc4812e4.png?publicId=3b272d5&filterName=original&cacheBuster=1467148600
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: 965db2c7e59eddc548f11a407826d4011bd1fb0548eb809aa520f0c028f6666e

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=24913
age: 73307
x-opensky-requestid: 601b1f2f702d882aae57ecb3
x-powered-by: PHP/7.3.11
cf-ray: 63418c09cb7a9c3f-AMS
content-disposition: inline; filename="5f522f76b2032561dc4812e4.webp"
content-length: 8160
cf-request-id: 08fcd5da1f00009c3fb7040000000001
x-osky-p-node: devo-prod-web17.ali-a.osky.io
x-mc-log-session: 7d635437b9046a6b37e65a51f48cf81b
last-modified: Fri, 04 Sep 2020 12:13:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-varnish: 589202120
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=529478144
x-osky-w-node: devo-prod-web17.ali-a.osky.io
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/morecommerce/ 4 KB
1 KB 76ms
75ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/morecommerce/logo.svg
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf155d9ed3ebc0fb21a89a0e968fbaba6a346744bd7d650057ce3282c252ff5

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 10927652
content-encoding: gzip
cf-request-id: 08fcd5da1c00009c3fbd3d9000000001
x-varnish: 304710269
last-modified: Tue, 14 Apr 2020 11:55:39 GMT
server: cloudflare
etag: W/"5e95a4bb-10a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c09cb7b9c3f-AMS
expires: Thu, 20 Mar 2031 18:40:11 GMT

GET
H2 200 email-decode.min.js Show response
www.gemafina.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
885 B 20ms
20ms Script
application/javascript 104.17.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gemafina.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.32.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 22:16:23 GMT
server: cloudflare
etag: W/"60512e37-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 63418c09ae57c863-AMS
vary: Accept-Encoding
cf-request-id: 08fcd5da080000c8633aa45000000001
expires: Wed, 24 Mar 2021 18:40:11 GMT

GET
H2 200 jquery-require-5d31050.js Show response
cdn1.ykso.co/js/packed/components/ 225 KB
64 KB 62ms
59ms Script
application/javascript 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/js/packed/components/jquery-require-5d31050.js
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7fda3f284d86584c4b1e181cb02441f67364b9d40aff4555572fb244ceef79

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11897939
cf-ray: 63418c09ab619c3f-AMS
cf-request-id: 08fcd5da1100009c3fc380a000000001
access-control-allow-origin: *
last-modified: Fri, 01 Feb 2019 16:25:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 643334533
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=315360000
content-type: application/javascript
expires: Thu, 20 Mar 2031 18:40:11 GMT

GET
H2 200 5a985040fa08eb1e702a9058-1609942478.js Show response
cdn1.ykso.co/asset/site/ 0
277 B 493ms
490ms Script
application/javascript 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/asset/site/5a985040fa08eb1e702a9058-1609942478.js
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
cf-cache-status: MISS
x-opensky-requestid: 6058e48cfe511b7f4c797c72
x-powered-by: PHP/7.3.11
cf-ray: 63418c09ab629c3f-AMS
cf-request-id: 08fcd5da0f00009c3fb5bee000000001
x-osky-p-node: devo-prod-web16.ali-a.osky.io
x-mc-log-session: 42029a6fc60aef3c1ac5ace09a76d591
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 519668769
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=31536000
x-osky-w-node: devo-prod-web16.ali-a.osky.io
content-type: application/javascript
expires: Tue, 22 Mar 2022 18:40:12 GMT

GET
H2 200 FontAwesome.woff2
cdn1.ykso.co/fonts/font-awesome/ 12 KB
12 KB 463ms
462ms Font
application/octet-stream 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/fonts/font-awesome/FontAwesome.woff2?ucgr151
Requested by: Host: cdn1.ykso.co
URL: https://cdn1.ykso.co/dist/css/packed/main/opensky-3423720.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48fd8bedd0b7fba4f94f47fcb8dc6ac87253575081450925b38ebae236520b4

Request headers

Origin: https://www.gemafina.com
Referer: https://cdn1.ykso.co/dist/css/packed/main/opensky-3423720.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
cf-ray: 63418c09b9a0fa44-AMS
content-length: 12348
cf-request-id: 08fcd5da140000fa44fea50000000001
last-modified: Wed, 21 Oct 2020 07:52:01 GMT
server: cloudflare
etag: "5f8fe8a1-303c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 472320916
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 20 Mar 2031 18:40:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 149 KB
44 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KB6ZTRQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfa40cf974bf331081abe716aeb30496553eff176a6cd96b730b9f2f1908bb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44863
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 18:07:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Mar 2021 18:40:11 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61529a1c708a76e057b5a5758d977ccf9c312d9c67cdbda7c92c857c4996eb3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 osky-pdp-a8fc8e0.js Show response
cdn1.ykso.co/js/packed/modules/ 732 KB
202 KB 54ms
53ms Script
application/javascript 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ykso.co/js/packed/modules/osky-pdp-a8fc8e0.js
Requested by: Host: cdn1.ykso.co
URL: https://cdn1.ykso.co/js/packed/components/jquery-require-5d31050.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e27662134e4c70fbf79d10d4395709c236637ea5b51d86926c85f7711d2930

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2199282
cf-ray: 63418c0a5bc19c3f-AMS
cf-request-id: 08fcd5da7600009c3fdc955000000001
access-control-allow-origin: *
last-modified: Thu, 25 Feb 2021 07:39:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 231934655
via: 1.1 varnish (Varnish/5.2)
cache-control: public, max-age=315360000
content-type: application/javascript
expires: Thu, 20 Mar 2031 18:40:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB6ZTRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4306
date: Mon, 22 Mar 2021 17:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Mar 2021 19:28:25 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
938 B 35ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 319
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 22 Mar 2021 19:34:52 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 318
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 22 Mar 2021 19:34:53 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
195 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=445673153&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&dp=%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26utm_medium%3Dpromotionalutm_campaign%3DGemafina__DOTD__Daily&ul=en-us&de=UTF-8&dt=Buy%2018k%20White%20Gold%20Plated%20Swarovski%20Element%20Leverback%20Earrings%20by%20yeidid%20international%20on%20Gemafina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArAAAAAC~&jid=1107391185&gjid=138047137&cid=1147555352.1616438412&uid=5863fa4f485e6b10cf62fd8d&tid=UA-10162225-45&_gid=1042468833.1616438412&_r=1&gtm=2wg3a0KB6ZTRQ&cd1=non_buyer&cd8=5863fa4f485e6b10cf62fd8d&cd13=5iki99hb5u443vipdipknddham&z=1777134024

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gemafina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-10162225-45&cid=1147555352.1616438412&jid=1107391185&uid=5863fa4f485e6b10cf62fd8d&gjid=138047137&_gid=1042468833.1616438412&_u=aGBAAEAqAAAAAC~&z=1596113193

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Mar 2021 18:40:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.gemafina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content 26ecc0cb-d02d-48cf-94b8-9d659485bc18 Show response
js.logentries.com/v1/logs/ 0
202 B 143ms
32ms XHR
text/plain 176.34.134.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.logentries.com/v1/logs/26ecc0cb-d02d-48cf-94b8-9d659485bc18
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.134.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-134-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-10162225-45&cid=1147555352.1616438412&jid=1107391185&_u=aGBAAEAqAAAAAC~&z=104529570

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-10162225-45&cid=1147555352.1616438412&jid=1107391185&_u=aGBAAEAqAAAAAC~&z=104529570

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content 26ecc0cb-d02d-48cf-94b8-9d659485bc18 Show response
js.logentries.com/v1/logs/ 0
202 B 32ms
32ms XHR
text/plain 176.34.134.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.logentries.com/v1/logs/26ecc0cb-d02d-48cf-94b8-9d659485bc18
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.134.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-134-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
expires: 0

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 67ms
22ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: 1Q2S1CXPE2FQYVGB
x-cache: HIT
content-length: 11777
x-amz-id-2: mxeCgAmGAbCZ38EH0qrerPePKUVCWue9flVDCXeisNvTsLwhYsUDZAbqpatWXJNcJPg8rH7dDAA=
x-served-by: cache-hhn4071-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1616438412.416194,VS0,VE0
date: Mon, 22 Mar 2021 18:40:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 31217

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/11main/ 2 KB
950 B 36ms
35ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/11main/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5346c51e5351959e2f45164b59061a637ff0a22a91eec19f57d859589a3ff0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 2435580
content-encoding: gzip
cf-request-id: 08fcd5dc5300009c3fcfbba000000001
x-varnish: 988677997
last-modified: Wed, 21 Oct 2020 07:52:01 GMT
server: cloudflare
etag: W/"5f8fe8a1-7d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c0d5d539c3f-AMS
expires: Thu, 20 Mar 2031 18:40:12 GMT

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/storenvy-steals/ 33 KB
4 KB 32ms
31ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/storenvy-steals/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf8afd71d68e3e408c898b4089be486d36b8bab25ea7e86feacbbc1af58a6ce

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 905129
content-encoding: gzip
cf-request-id: 08fcd5dc5300009c3fd73b7000000001
x-varnish: 170693421
last-modified: Wed, 21 Oct 2020 07:52:02 GMT
server: cloudflare
etag: W/"5f8fe8a2-8541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c0d5d559c3f-AMS
expires: Thu, 20 Mar 2031 18:40:12 GMT

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/dotandbo/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/dotandbo/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c856e53bac4f54e761adbb527386dd15c0a2875a4222d971c42928a313c514

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 11620140
content-encoding: gzip
cf-request-id: 08fcd5dc5300009c3fb705b000000001
x-varnish: 67863476
last-modified: Tue, 14 Apr 2020 11:55:39 GMT
server: cloudflare
etag: W/"5e95a4bb-986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c0d5d589c3f-AMS
expires: Thu, 20 Mar 2031 18:40:12 GMT

GET
H2 200 logo.svg
cdn1.ykso.co/img/sites/opensky/ 3 KB
2 KB 37ms
37ms Image
image/svg+xml 104.17.77.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ykso.co/img/sites/opensky/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.77.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e32439b6aa7dd5ed332df202018024741dab865fab6e28b814743b88147ef9

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 11727623
content-encoding: gzip
cf-request-id: 08fcd5dc5400009c3fe70a6000000001
x-varnish: 574947597
last-modified: Tue, 14 Apr 2020 11:55:39 GMT
server: cloudflare
etag: W/"5e95a4bb-d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 63418c0d5d599c3f-AMS
expires: Thu, 20 Mar 2031 18:40:12 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 45ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB6ZTRQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:11 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: FDDD1254ECD5478A8EC86CFC7C0CE350 Ref B: FRAEDGE1521 Ref C: 2021-03-22T18:40:12Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: ULtu+0WzcYKi+VYtErVsNKRNDWI98od2yDvKMaHWHHIMFZjNpmGYVyEqYE1KHY1ESTu7C9d7qdyPVE7vBToyDA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 22 Mar 2021 18:40:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ce4b838ae22711e5a84312db57d22bb5.js Show response
d22xmn10vbouk4.cloudfront.net/ 93 KB
22 KB 93ms
37ms Script
text/javascript 65.9.67.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/ce4b838ae22711e5a84312db57d22bb5.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB6ZTRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 979e5b9071bc724db9a99becbb2f1a791caf48bc81ae8c36103d524e39e762d3

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:11:01 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:09:39 GMT
server: AmazonS3
age: 12552
etag: W/"e574adb450714fcbee8018b011fd53fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
cache-control: public, max-age=601
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Ir5XffqasAyz1MOHFMrEk_eNi7CLObns0HECJk66l7ga-WOE-Psyhw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 49ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 34 KB
13 KB 83ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB6ZTRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13204
x-xss-protection: 0
server: cafe
etag: 4463060295041814852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: IHf0WCwJwLhXpySMgeSAFtF7HT/xtx8JwXwCB+b3yDWEa8fbkdV6U/FeHgqYLRjGPK7E4uWIPSvWFvxOTEhLRQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Mar 2021 18:40:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 268504737041847 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 76ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/268504737041847?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c170482218e793d1a3da73fc642267cbea3ee4f0c296ad779291d0011b433c4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Y6AwmpDz8jGVjdYi/OSIexV4LQMxgHwMkdYy8IorKfzzeOUBuQXU+GTX3qrn9uu0WrlEDDHwU6kgZdIOKshPXg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Mar 2021 18:40:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
149 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4031604&tm=gtm001&Ver=2&mid=25c5716d-d565-40eb-ad7c-ac0ba6b627ae&sid=093dbbd08b3e11ebbbc92768e96200b9&vid=093e17508b3e11eba8375391a9658ed7&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buy%2018k%20White%20Gold%20Plated%20Swarovski%20Element%20Leverback%20Earrings%20by%20yeidid%20international%20on%20Gemafina&p=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&r=&lt=2038&evt=pageLoad&msclkid=N&sv=1&rn=719743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 22 Mar 2021 18:40:11 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E48E8ACBDB354BCBB697D5682CB08B4A Ref B: FRAEDGE1521 Ref C: 2021-03-22T18:40:12Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 69ms
56ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6535057103559538&plah=www.gemafina.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 62B7 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 18:01:35 GMT
expires: Mon, 05 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 2317
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
tracking.sezzle.com/ Frame 48AD 412 B
1 KB 36ms
12ms Document
text/html 2600:9000:211e:1200:1c:eade:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.sezzle.com/

Requested by

Host: widget.sezzle.com
URL: https://widget.sezzle.com/v1/javascript/price-widget?uuid=8a1f70be-a583-4f4a-b763-241fd9481961

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:1200:1c:eade:2240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2459ae05713a8311fcf9d8dcbe6edf9cff1b73bbfde49e5948413f8e06ed0362

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tracking.sezzle.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

content-type: text/html
content-length: 412
last-modified: Tue, 12 Jan 2021 15:24:55 GMT
x-amz-version-id: ..l01oZIKMBZNjKjG1QflkP.gXFbrLHu
accept-ranges: bytes
server
strict-transport-security: max-age=15724800; includeSubDomains;
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 22 Mar 2021 17:50:39 GMT
cache-control: no-store, max-age=0
etag: "c9a7808df537688df8932fe33324efd2"
x-cache: Hit from cloudfront
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: vzXwZ9Jvx5BdGsT3cVbfbLvv2R90t1A5vI--MBuf-oy7n1mSFvn-UA==
age: 5922

GET
H/1.1 200
OK 5fcd7e3d4b Show response
bam-cell.nr-data.net/1/ 57 B
657 B 178ms
146ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/5fcd7e3d4b?a=11062354&v=1208.49599aa&to=YFZRNxRSC0FSV0QIXlkccBYVRwpfHEdVDV1WUV8GOVQARg%3D%3D&rst=2160&ck=1&ref=https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings&ap=138&be=934&fe=2035&dc=1946&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1616438410325,%22n%22:0,%22f%22:227,%22dn%22:228,%22dne%22:244,%22c%22:244,%22s%22:257,%22ce%22:288,%22rq%22:288,%22rp%22:911,%22rpe%22:1033,%22dl%22:914,%22di%22:1946,%22ds%22:1946,%22de%22:1948,%22dc%22:2035,%22l%22:2035,%22le%22:2038%7D,%22navigation%22:%7B%7D%7D&fp=1487&fcp=1487&at=TBFSQVxIGE8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 18:40:12 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 63418c0e4d3d0c79-AMS
cf-request-id: 08fcd5dcef00000c79cca06000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/808360416/ 3 KB
2 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808360416/?random=1616438412487&cv=9&fst=1616438412487&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&ig=1&data=ecomm_prodid%3D569e83f44c3d6fd17d8b4b94%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D15.74&frm=0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&tiba=Buy%2018k%20White%20Gold%20Plated%20Swarovski%20Element%20Leverback%20Earrings%20by%20yeidid%20international%20on%20Gemafina&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e7b81487e145d5e5146ec72eeb07ba0534c3e669f59d31ec454773eb41074c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 22ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=268504737041847&ev=PageView&dl=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&rl=&if=false&ts=1616438412512&sw=1600&sh=1200&ud[em]=22530451f2bb13e0361925b34baaa3a4018aab589589631e9ce571b49d1bc296&ud[fn]=d85135edba8dcf03d17144a635d198b461fb36cb5f34fd689bb5c6738911b20d&ud[ln]=cc505d3f030573e25853fea5a7bb4605722b3d14e0fabd615e09627d07f02301&ud[ct]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&ud[st]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&ud[zp]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616438412510.840751840&it=1616438412400&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=268504737041847&ev=ViewContent&dl=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&rl=&if=false&ts=1616438412519&cd[content_ids]=%5B%22569e83f44c3d6fd17d8b4b92%22%5D&cd[content_type]=product&sw=1600&sh=1200&ud[em]=22530451f2bb13e0361925b34baaa3a4018aab589589631e9ce571b49d1bc296&ud[fn]=d85135edba8dcf03d17144a635d198b461fb36cb5f34fd689bb5c6738911b20d&ud[ln]=cc505d3f030573e25853fea5a7bb4605722b3d14e0fabd615e09627d07f02301&ud[ct]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&ud[st]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&ud[zp]=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616438412510.840751840&it=1616438412400&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H2 200 main-1610465065938.js Show response
tracking.sezzle.com/ Frame 48AD 47 KB
17 KB 8ms
7ms Script
application/javascript 2600:9000:211e:1200:1c:eade:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.sezzle.com/main-1610465065938.js

Requested by

Host: tracking.sezzle.com
URL: https://tracking.sezzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:1200:1c:eade:2240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

db667b41e50c0e0da64755781aa04a29008c8b59bcb2f24084967da8be8d7951

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tracking.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Rpk5OlHz6fYN15bZB7eYYyqHC84wRxJ4
content-encoding: gzip
x-content-type-options: nosniff
age: 6527
x-cache: Hit from cloudfront
date: Mon, 22 Mar 2021 18:32:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 15:24:55 GMT
server
etag: W/"7ff190e857b3e2becf709682681897b8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
cache-control: no-store, max-age=0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 9odRZvXTD7UmS0qknqzMfHi9E5bpkyegTvDyYwhduoXYKDbBVD02aw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
640 B 113ms
60ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.gemafina.com&callback=_gfp_s_&client=ca-pub-6535057103559538

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6535057103559538&plah=www.gemafina.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

06189da43dc384d76f9f5fb187b10acefacac4c808e12fdf1e4886f0ea54495b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gemafina.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gemafina.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&tn=HEADER&id=header&cls=header%20header-top-stack-1&ign=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D772 54 B
337 B 116ms
116ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&adk=1812271804&adf=3025194257&lmt=1616438412&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&ea=0&flash=0&pra=5&wgl=1&dt=1616438412441&bpp=15&bdt=1201&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4103805947432&frm=20&pv=2&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6535057103559538&output=html&adk=1812271804&adf=3025194257&lmt=1616438412&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&ea=0&flash=0&pra=5&wgl=1&dt=1616438412441&bpp=15&bdt=1201&idt=101&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4103805947432&frm=20&pv=2&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 18:40:12 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: IDE=AHWqTUmxNKosmqcjtjWEGdozWk1uzL4hC3MAkTOJoH6i1htSyQwUlNZaaA71Z4ckUEM; expires=Sat, 16-Apr-2022 18:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 18:40:12 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a4bb0b09c3cbbbb7ea787acbc96059c4331c8a90490ba281c576a344d26ea44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6622
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6B3 86 KB
26 KB 671ms
670ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79957e5bc9f2933cea9c192f9a19238c2cafc61efc9acfea2c3622b2c85af511

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjViavGxO8CFcPU3godz00L8Q&gqi=jORYYNvKI8qtzAbe8ZbACg&layout=/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjViavGxO8CFcPU3godz00L8Q&gqi=jORYYNvKI8qtzAbe8ZbACg&layout=/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 18:40:13 GMT
server: cafe
content-length: 25734
x-xss-protection: 0
set-cookie: IDE=AHWqTUnu7iDU6rIA3Q7K6eXjHCAabLhIg6ZTWWuccoTdsN0Uipw7xHH7b_Jn3GxVbPI; expires=Sat, 16-Apr-2022 18:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 18:40:13 GMT
cache-control: private

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/808360416/ 42 B
530 B 51ms
36ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/808360416/?random=1616438412487&cv=9&fst=1616436000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&data=ecomm_prodid%3D569e83f44c3d6fd17d8b4b94%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D15.74&frm=0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&tiba=Buy%2018k%20White%20Gold%20Plated%20Swarovski%20Element%20Leverback%20Earrings%20by%20yeidid%20international%20on%20Gemafina&async=1&fmt=3&is_vtc=1&random=107650053&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/808360416/ 42 B
530 B 49ms
34ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/808360416/?random=1616438412487&cv=9&fst=1616436000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&data=ecomm_prodid%3D569e83f44c3d6fd17d8b4b94%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D15.74&frm=0&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&tiba=Buy%2018k%20White%20Gold%20Plated%20Swarovski%20Element%20Leverback%20Earrings%20by%20yeidid%20international%20on%20Gemafina&async=1&fmt=3&is_vtc=1&random=107650053&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D63 59 KB
23 KB 526ms
526ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

006c0aca11ba9f69e3664abc9ea3daabb7fd37c6870849c49c0141e836c6dbae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 18:40:13 GMT
server: cafe
content-length: 23031
x-xss-protection: 0
set-cookie: IDE=AHWqTUlYKCBfmUdxFiCcgwntb1KqWYshke8ne3wbG2Xb9SmUMfbauIgHd9jTtrqAedE; expires=Sat, 16-Apr-2022 18:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 18:40:13 GMT
cache-control: private

GET
H2 200 price-widget Show response
widget.sezzle.com/v1/javascript/ 50 KB
16 KB 189ms
188ms Script
text/javascript 35.162.144.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/javascript/price-widget?uuid=8a1f70be-a583-4f4a-b763-241fd9481961&track_id=b8a8be10-b5cd-4607-bc8f-35108543f53d

Requested by

Host: widget.sezzle.com
URL: https://widget.sezzle.com/v1/javascript/price-widget?uuid=8a1f70be-a583-4f4a-b763-241fd9481961

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.162.144.38 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-144-38.us-west-2.compute.amazonaws.com

Software

Resource Hash

a4321968bf85319f71bd1cea8c65f10143878cc04571888e8d13d22be4d9c141

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private,max-age=900
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 22 Mar 2021 18:40:12 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CB20 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gemafina.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gemafina.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 18:39:37 GMT
expires: Tue, 22 Mar 2022 18:39:37 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame CB20 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 84403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210316&jk=1517410128517645&bg=!JSalJmLNAAbUo7L91KM7ACkAdvg8Wrac2b_VuZ6YMqcPgu7KweNEhiLS6UMv1BVUuW-GP2NvDEMISAIAAABoUgAAAAtoAQcKAK1TMavV0Nkcf0qglRKw1ivGUfxGaCf0SUUK11Mhsm1XbTHY7x931jGW1BNyCdEIz0nX626l9-oAg5oRGoXszwihQpcB0GoMM311AbTeGWq_f5G5MjYcVcazxPIt25WpyktHPrY_aebrC6sLABvkuZz5vVs5uj2zXOlSF466bNbdCRoi_i7K6JILyjZkRKXP_AgDqiXrt8xp3Kb60Z6oLu48u5DXPwcjV3IaDsDQHZkBxWUi2Gs26ZhEBpb4cxfCqgR8srTkp03XjzLsVqk07EBPtKF7vkyL-w6WCRh93zJk0M06H6-KXi0QQ3bfgWTRC5WlNd4bqC6MXW_J4Q0jvAH7-GNPJAiddBea7IAewf0z4qRJIpmawR5o-ozqAmaU11x4vCp7aQ2ireFxXhTs6L0M2i2wbjijYdqZbqfZiYQTVYWpjltgAlW_c3s2JH-LoJWiytJD4pBED8pQ-knYZZI5giOY0BmInDjNO7mTfx7qn6plcxhjZRYFRFQafu6XxeftFcRbChdiyuX2cgJ1IyXHgf6q-vrSExKCGKch6Q-mILkpS3plgGftiquIwpKHcFNOLjd9zWZqEt7oZcU17_Knr_5TkJPtwwq2FZCm-DZC_nWpw6oApjSLYAPQ_YhjfroSRpAnXaOkbtrOVodLddS8vFPxQHIU1xR9K4XWIqcN4uaRTxnwAtvvYN7meoAyUta4FCHsq8gxnNjwptFW9cdm664njOCJW3EF2MMLCTpHlhKCEJLbPvpdU0Psg1DGUYcC-LN5cjmECAfWOLgG79ASju0dxAbgIafAl4FMqt3UYog3XzVxrpi30qMXac_ZYQm84bt_Hg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 236 B
1 KB 574ms
188ms XHR
application/json 52.33.65.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.33.65.38 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-65-38.us-west-2.compute.amazonaws.com

Software

Resource Hash

72e1607167152a053a31fc0894ccef0c1341834ab69514e4518666425759f5ad

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:13 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gemafina.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 236
x-xss-protection: 1; mode=block;

POST
H2 200 /
www.facebook.com/tr/ 0
108 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary3HrQAO2TY3xaCWqY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 22 Mar 2021 18:40:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.gemafina.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 18233870443628672173
tpc.googlesyndication.com/simgad/ Frame 5D63 43 KB
43 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18233870443628672173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkQiqPUOdJCuVPTtlSyy2IeFlpImw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a54d63ec13d1e2a8e6998d68ebefa5ad6cf268f9f7cd83d6139c82d4db504a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 13:50:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 08:46:15 GMT
server: sffe
age: 449390
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44117
x-xss-protection: 0
expires: Thu, 17 Mar 2022 13:50:23 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 5D63 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 5D63 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:17 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D63 117 KB
36 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 18:40:13 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 5D63 12 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:42 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 5D63 24 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7ac02dac97a4d3cfc9e53b94b29e957300756be95d93ac7dbc5c1ff1bd4f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10336
x-xss-protection: 0
server: cafe
etag: 2466886026629934609
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 15:02:45 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D63 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Crbd9jORYYKv5JczbzQaqu6igApmYmfdhqaPM58oNrgIQASCh8YAlYJWKuILIB6ABh4O_9wPIAQKoAwHIA8kEqgSNA0_Q6S1QkhDLXzpqsVfXhilII-6VJKST82dVyjtZPzmezSFG9W14Nn1__9xZurleVkpZkt-f4y_WrjYIIm89G1ivISNWWUYZjSHXzM85GOaRzcwF5N5WUNEzNZrU4tvnxYD92isNvOyvQyK3oKFxPI5Br8fDjdZ9ZRLOlYXrBZxbdneWurzwCppqrVe4Tzz0zr0wwE_Rn8Xh80iZcgfjm0vfzYpt2o9z6CeZDNTH_mcl5ooU9GDOg6OtWMNJqwM4Y4fM3D7enlEIUdXwDJ7I-qfkjl2Que5az33vpO6HKT_vi7FzTPGRX9cE1QuWn-PPsWI0VGTORRvbW0OieMjPxTekyTJrDaFxw0FEkJnsLULqadmIoJyorZVd7c6-NckNErtGVQRdkxLfO96WK4fLX--t_h-u1lyXQNciX4k73X4dRMs_3fNZhtD-NaP_d1oVixWox7UzYm5LtowVO-Tywr78RgI6srwN7aYwAEwyiRZkejbcCYHKKIlDCdWXxsP3q0viQKD21Hyqb-6grmDABKTz-InPA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfk9JeJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDSiNUB0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTY1MzUwNTcxMDM1NTk1Mzg&sigh=qMjjS2SDsA0&tpd=AGWhJmu_NSiBPRg_emDxpzKH00oqwpKrLvBGK8Q-FBNhqF9pyA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 18:40:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86F6 143 B
216 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlYKCBfmUdxFiCcgwntb1KqWYshke8ne3wbG2Xb9SmUMfbauIgHd9jTtrqAedE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 18:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1013
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2F19 1 KB
854 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 55564
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2F19 35 B
463 B 27ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPoi6EGVgxRczsa4VvyDwjM&google_cver=1&google_push=AQvitUIg7tps361tnO5VJLEbyifvO3jIJEB7lecgDBKif2Qoy96Z3-8W-QYM9YQl6tyEvNe1lcg6a_EmKtNGBg1kK6inH8fd

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2F19
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6d...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZqa2pRQUFBSWR0ZmlIWg&google_push=AQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6dt5ApJ1AR4CXaUCROhQtE2VT1R02yGhEu73I_O4kDLeh1TZDk2WKm-bw

170 B
190 B

79ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZqa2pRQUFBSWR0ZmlIWg&google_push=AQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6dt5ApJ1AR4CXaUCROhQtE2VT1R02yGhEu73I_O4kDLeh1TZDk2WKm-bw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZqa2pRQUFBSWR0ZmlIWg&google_push=AQvitUJ95kvONfdRmmofViay2v5xRnmi93rC94HgB6dt5ApJ1AR4CXaUCROhQtE2VT1R02yGhEu73I_O4kDLeh1TZDk2WKm-bw
Date: Mon, 22 Mar 2021 18:40:13 GMT
Server: Apache
Connection: keep-alive
Content-Length: 389
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2F19
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECsgwMRMAvgCySeCClpStmg&google_cver=1&google_push=AQvitUIpV847VEW_hTmU63GhSmWSOfLO_o2QWERc-mPHuv6U1PbLERvBiDwInFmHhieXWo2yyvdZ-a7_R5a_Dc-D_L3TGi8qkw
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VDc2d3TVJNQXZnQ3lTZUNDbHBTdG1n

170 B
484 B

75ms
45ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VDc2d3TVJNQXZnQ3lTZUNDbHBTdG1n

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 18:40:12 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VDc2d3TVJNQXZnQ3lTZUNDbHBTdG1n
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2F19
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKfGMmc8G_mbgeV1xfiwsydOoNYZkIx1FK8JJvJDzKdKNC15IikF1Vce_9fbt7nLa7DlfBjejWTAMjtIiTK2bCr5N-wjg&google_gid=CAESEAiAKixfrOxYs7gzeYsPzxo&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI3J44IGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BUXZpdFVLZkdNbWM4R19tYmdlVjF4Zml3c3lkT29OWVprSXgxRks4Skp2SkR6S2RLTkMxNUlpa0YxVmNlXzlmYnQ3bkxhN0RsZkJqZWpXVEFNanRJaV...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVGVWNHRodTBqeUw1QzRpYXYxTTNUQVFRSmNhVF94YkcxQWlHWUxmaU5kWQ==&google_push

170 B
190 B

75ms
46ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVGVWNHRodTBqeUw1QzRpYXYxTTNUQVFRSmNhVF94YkcxQWlHWUxmaU5kWQ==&google_push

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Mar 2021 18:40:13 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVGVWNHRodTBqeUw1QzRpYXYxTTNUQVFRSmNhVF94YkcxQWlHWUxmaU5kWQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 2F19 43 B
324 B 61ms
23ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP1a44A6lL6EFVVZyGN5VDQ&google_push=AQvitUILF0CarnnhyOFDLNrOxPAhpRzjsbV625P2UTm6PZf8ylA9uXpHVtUgGCqBiBr_rhCqN_UHDOncHx-wpZXGe8AjSI_h&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 2F19 43 B
296 B 62ms
19ms Image
image/gif 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGBjcuh4FHsbkPEfgBgZkvY&google_cver=1&google_push=AQvitUJexWq_U0TAXZ0FPFw-9sNqhWQsAgkDQp29tzKacZ3mRFGQ-BTUIMlq7LWvcuewIvd1aA81tpIqsZJk9Go_YkVA1rwf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=250&slotname=5181073717&adk=2840091421&adf=2126487628&pi=t.ma~as.5181073717&w=300&fwrn=4&fwrnh=100&lmt=1616438412&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1616438412470&bpp=1&bdt=1231&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x800&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IX08eep8bY&p=https%3A//www.gemafina.com&dtd=126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2F19
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELaT6q-NLfW2zhTIOwjEU_A&google_cver=1&google_push=AQvitUJ7OhJAM1GHdhTl87nd...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ7OhJAM1GHdhTl87ndLBpt6Ce-Xm-FG-OEYdpFPOFgMsAMPNC8ugUJrSz22R74tg_N5yqpKaF2X6SebeCu56trB9F23Bk&google_hm=

170 B
190 B

32ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ7OhJAM1GHdhTl87ndLBpt6Ce-Xm-FG-OEYdpFPOFgMsAMPNC8ugUJrSz22R74tg_N5yqpKaF2X6SebeCu56trB9F23Bk&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ7OhJAM1GHdhTl87ndLBpt6Ce-Xm-FG-OEYdpFPOFgMsAMPNC8ugUJrSz22R74tg_N5yqpKaF2X6SebeCu56trB9F23Bk&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 21 Mar 2021 18:40:13 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2F19 0
227 B 91ms
35ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISRBk6WaOeoIXKoH3OTvkl7daoJA_g_VwHVWOnUp7ngnFr0Yih8XQEQqZa69jIJM7-tRySIw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:13 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86F6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

40ms
40ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlYKCBfmUdxFiCcgwntb1KqWYshke8ne3wbG2Xb9SmUMfbauIgHd9jTtrqAedE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 18:40:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 19:40:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 18:40:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 18:40:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5D63 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe8a2ba6849d61b4a362e284652ff2aa7a324281e4a800acc2d1df102859e866

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame C6B3 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2258
date: Mon, 22 Mar 2021 18:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Mar 2021 20:02:35 GMT

GET
H3-Q050 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C6B3 84 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 11:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 11:14:53 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1833 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 84404
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame C6B3 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame C6B3 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:17 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6B3 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 18:40:13 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame C6B3 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 18:38:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C6B3 24 KB
24 KB 29ms
6ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQHXmFZotD_W6UGxiwFhKcB9WLZsO1AOA71oSedAYStrN_DOPc3_M6cDMq-8oY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e2b7043baa60568c1bd9f437c5f1d743b8d654f53ced8fd6bf6238ea71f8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:17:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 08:00:03 GMT
server: sffe
age: 44588
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24637
x-xss-protection: 0
expires: Tue, 22 Mar 2022 06:17:05 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C6B3 25 KB
25 KB 37ms
12ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRzvk5oHteY3oSoVDrDAuPFj0lbd_EYvLGUzSr977E-7DTCHqTnEBWmXc9gAOI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06fd4d06a80c418c4b9d524d82c825e6bc5ea5e8ca25e8e6a196ecfea99be6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 17:38:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 16:35:59 GMT
server: sffe
age: 262876
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25093
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:38:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C6B3 16 KB
17 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRfkOvw43NRdY9Oa6hLTF441ETHj198IzW_XmqoAIU_AvuGK5sNJZV4ppKUeQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3b1d7109d46befc1066c2ee9bbb90f253a6ffb8ac96801116e98a13a255517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 11:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 20 Dec 2020 01:13:08 GMT
server: sffe
age: 456988
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16624
x-xss-protection: 0
expires: Thu, 17 Mar 2022 11:43:45 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C6B3 19 KB
19 KB 15ms
10ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSvHtKWqbQoutN73_dQc9W1MclzmqW3q0n3WsHiMaXt7qqORMup2DJg_Jy2OA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7cac58e57bd6674aaa4aa24bf3fae773dcc21d93c5c3436377890b7bd754fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 19:54:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 09:50:23 GMT
server: sffe
age: 513917
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
expires: Wed, 16 Mar 2022 19:54:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C6B3 29 KB
29 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSt2K8jJEM2YzTzOk9tAd0hAPJUklbegkZOabDNzyR46pP3gTA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d694894966c7f5afa4a385050f69eaee5cfa721a769604c445572e556430e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:37:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 16:35:07 GMT
server: sffe
age: 7386
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30070
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:37:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C6B3 22 KB
22 KB 40ms
17ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSY9sZVFiW_abfxMqbZWDpG4QSd29POD11-Twu5I9VWpcgmh6WZVUtYBWNnnQo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae8ed491ed84b8c9e256e3f67f618bc24383dd3ae0e8b7bb74c4164dc30a8526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:02:43 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Dec 2020 09:52:12 GMT
server: sffe
age: 527850
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22313
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:02:43 GMT

GET
H3-Q050 200 10248613508429122157
tpc.googlesyndication.com/simgad/ Frame C6B3 6 KB
7 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10248613508429122157

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a10555f86d9e4efa75fa7db4e0c612f5417b5080732ae4ddbb76e53357bffc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:50:55 GMT
x-content-type-options: nosniff
age: 341358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6601
x-xss-protection: 0
last-modified: Tue, 17 Nov 2015 18:31:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 19:50:55 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6B3 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3gEOjORYYMjfJMOp-wbPm62ID7X5gKth0vq3iLwH3O3684sOEAEgofGAJWCViriCyAegAZTZtOIDyAEJqAMByANKqgSPA0_QkDKrSWOhWT1zudIPjFSqVTp9AEemYdEeD29r9gKcslwfqfuxUtX61MlAErn6WSACAVg05FiocpQXXRnqy4Mjgtx0J5SSSkTEArs5mMY3YMdmYYQtpKQaFD78p11-iEJrEyJ4n9jxOl_ESeClwTsFuWMdamuXrL2jXL3FH4VnyGE76q21S33x7DpQEO_3b46S7EhUdEjJ068wUiVLxC0Spl6ekNOa0aAgLhZq6yynMzJR2iBGV1zxeq8jQvj6geg3NyY5nWINvKRngxDO9pGd924dZqMr73IT-cwIMQlwd8fHHLhMPYH5M7_hRMILSR0LGdJdZCgZGP02ATyFBvvxW85AehxW_W6XCPieeTm9Nx7RU5QpAfa-MPPOcWIiGFA6YOUVWppWc9fqKD_AHS0Tmy_10FdXIFf8l-WsM5NW6HVlQEtfGf-Wi6UAfmZusJqRmxyYJ4Vv6ZEBISPsQgZ6U6Lr3YZzntWmloSWK3QMbeeVgs-LxmX5EkUynvP8xltBx5KySmO9RZEAqy8kAcAEvrydr9cBkgUECAQYAZIFBAgFGASgBi6AB9Smyx2oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEPv62wTSCAkIgOGAEBABGB-ACgHICwHYEwuyFxoKGAgAEhRwdWItNjUzNTA1NzEwMzU1OTUzOA&sigh=lFPh3NodL78&template_id=311&tpd=AGWhJmsH_32-wkjDXRdgrJ2BL7CFnXTjFL_q1-9uMUDQQ7aodA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 18:40:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F944 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnu7iDU6rIA3Q7K6eXjHCAabLhIg6ZTWWuccoTdsN0Uipw7xHH7b_Jn3GxVbPI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6535057103559538&output=html&h=800&slotname=3360408353&adk=4069893624&adf=4284122038&pi=t.ma~as.3360408353&w=300&lmt=1616438412&rafmt=12&psa=0&format=300x800&url=https%3A%2F%2Fwww.gemafina.com%2Fyeidid-international%2Fproduct%2Fbrase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings%3Futm_source%3Dcordial%26loginUserIdKey%3DcFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0%3D%26max_discount%3D1%26gemf_campaign%3DGemafina__DOTD__Daily%26utm_campaign%3DGemafina__DOTD__Daily%26utm_medium%3Dpromotional&flash=0&wgl=1&dt=1616438412457&bpp=13&bdt=1218&idt=111&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4103805947432&frm=20&pv=1&ga_vid=1147555352.1616438412&ga_sid=1616438413&ga_hid=445673153&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1276&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731610%2C182982100%2C31060047%2C44739387&oid=3&pvsid=1517410128517645&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8448&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FioEP6y8J1&p=https%3A//www.gemafina.com&dtd=116

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 18:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1013
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C6B3 0
111 B 41ms
41ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjViavGxO8CFcPU3godz00L8Q&gqi=jORYYNvKI8qtzAbe8ZbACg&layout=/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C6B3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48f5be570d9da1dbf4585d833d0ff0c5885589901ef58622b4c1abb14368add5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F944
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnu7iDU6rIA3Q7K6eXjHCAabLhIg6ZTWWuccoTdsN0Uipw7xHH7b_Jn3GxVbPI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 18:40:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 19:40:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 18:40:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 18:40:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame A5F3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 84404
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6B3 42 B
501 B 63ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_a_U9FyWy02vL6cFuik9nM-_uKKcQgoSuVGeuiQGi0TxosScbIumukpTkW0VZLHZDh6Izd-ivMCwM--VkwN0kQxEk6G8HKG4Ki7TqUezbKzIKi0HiiGpsDTU1sA&sai=AMfl-YT4SOM0tyV_t6mQ37ig7MJ1xRyCHtXCRwlyh7_5cQq27dAQ0vPSQSbhgNh9rtws9t6fS4kwb1DUDpEb1NZdTYXxM_88rYZcrww&sig=Cg0ArKJSzKv9WsqbASf7EAE&cid=CAASF-Rov1z56OUqZSPEsJiljnaSD0x3EHms&id=osdim&mcvt=1000&p=229,1276,1029,1576&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=21&adk=4069893624&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616438412575&dlt=687&rpt=61&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 18:40:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 5fcd7e3d4b Show response
bam-cell.nr-data.net/events/1/ 24 B
492 B 187ms
186ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/5fcd7e3d4b?a=11062354&v=1208.49599aa&to=YFZRNxRSC0FSV0QIXlkccBYVRwpfHEdVDV1WUV8GOVQARg%3D%3D&rst=12160&ck=1&ref=https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings
Requested by: Host: www.gemafina.com
URL: https://www.gemafina.com/yeidid-international/product/brase59-18kt-white-gold-plated-graduated-swarovski-elements-crystal-leverback-earrings?utm_source=cordial&loginUserIdKey=cFFlYVZPV3hPdzF1c1ZHd2dndTh6ak80MDdFWmdaZE1tRnlYbk9Yek8wND0=&max_discount=1&gemf_campaign=Gemafina__DOTD__Daily&utm_campaign=Gemafina__DOTD__Daily&utm_medium=promotional
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.gemafina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 22 Mar 2021 18:40:22 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.gemafina.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 63418c4c9e690c79-AMS
Content-Length: 24
cf-request-id: 08fcd603eb00000c7987118000000001

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gemafina.com/	1970-01-19 17:02:04	Name: _gid Value: GA1.2.1042468833.1616438412
.gemafina.com/	1970-01-20 10:31:50	Name: _ga Value: GA1.2.1147555352.1616438412
.gemafina.com/	1970-01-19 17:00:38	Name: _gat_UA-10162225-45 Value: 1
.gemafina.com/	1970-01-19 19:10:14	Name: _gcl_au Value: 1.1.434274668.1616438412
www.gemafina.com/	1969-12-31 23:59:59	Name: attrSessId Value: 6058e48b9218c60ac136e6e9
.gemafina.com/	1970-01-19 17:43:50	Name: __cfduid Value: d80d98e4086c40ea7865e22f4dcbe685f1616438410
www.gemafina.com/	1969-12-31 23:59:59	Name: session Value: 5iki99hb5u443vipdipknddham
www.gemafina.com/yeidid-international/product	1969-12-31 23:59:59	Name: b56a05fbe8d24b293b9c5dd2004aecda Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 268504737041847.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
bam-cell.nr-data.net
bat.bing.com
cdn1.ykso.co
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
d22xmn10vbouk4.cloudfront.net
e.e.ykso.co
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
geoip.sezzle.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
js-agent.newrelic.com
js.logentries.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.sezzle.com
widget.sezzle.com
www.facebook.com
www.gemafina.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
104.17.32.74
104.17.77.75
142.250.185.98
142.250.186.130
151.101.114.110
162.247.243.146
172.217.23.98
176.34.134.163
217.182.200.20
2600:9000:211e:1200:1c:eade:2240:93a1
2606:4700::6812:497f
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c01::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
34.98.67.61
35.162.144.38
35.244.174.68
52.28.108.245
52.33.65.38
63.33.127.66
65.9.67.86
006c0aca11ba9f69e3664abc9ea3daabb7fd37c6870849c49c0141e836c6dbae
01a15e43f1530a3144d771a1b75725b5c6237f83ea836bbf290c4238c012cba3
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06189da43dc384d76f9f5fb187b10acefacac4c808e12fdf1e4886f0ea54495b
06fd4d06a80c418c4b9d524d82c825e6bc5ea5e8ca25e8e6a196ecfea99be6a7
0861357152ff93697353666c5b66ff3eef48ab6bd56d24d71b6b3d22300d70e7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
147b9c6de118749d09d48577aaa43b44e5076622b27ccef2643907306b75ee9f
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2459ae05713a8311fcf9d8dcbe6edf9cff1b73bbfde49e5948413f8e06ed0362
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2bc688e6107076fc088e8440254cb994c0d51a5f4638aeebe4862afdf452f20a
2bf8afd71d68e3e408c898b4089be486d36b8bab25ea7e86feacbbc1af58a6ce
2c5346c51e5351959e2f45164b59061a637ff0a22a91eec19f57d859589a3ff0
2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c
2cf155d9ed3ebc0fb21a89a0e968fbaba6a346744bd7d650057ce3282c252ff5
3b3b1d7109d46befc1066c2ee9bbb90f253a6ffb8ac96801116e98a13a255517
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c40e0d562c6450fc212b78cdcf66c4bf65fb48c5c2f3c37c6773c7376d17dca
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
41896ea2af8eae633c1905b7ff8dfa67636a31358b25661ebb52a06e5cc335ce
48f5be570d9da1dbf4585d833d0ff0c5885589901ef58622b4c1abb14368add5
4a4bb0b09c3cbbbb7ea787acbc96059c4331c8a90490ba281c576a344d26ea44
4a7fda3f284d86584c4b1e181cb02441f67364b9d40aff4555572fb244ceef79
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea76c871e22a5d22d241a6655766887dab48d613c2f7a1e4808f9f2665b162c
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
575b13e32dfc766b8888610c7970780c0b41c2e8b52564108e773af1c84f9fc3
593bd59056d04585a5263c91f11d2440793d46030d13fed50434890219748bc8
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61529a1c708a76e057b5a5758d977ccf9c312d9c67cdbda7c92c857c4996eb3c
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6eff32b57053e116c5bccf8ca9dd58da9e5ee424770268e0053178fa0f7b9214
70c856e53bac4f54e761adbb527386dd15c0a2875a4222d971c42928a313c514
72e1607167152a053a31fc0894ccef0c1341834ab69514e4518666425759f5ad
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
79957e5bc9f2933cea9c192f9a19238c2cafc61efc9acfea2c3622b2c85af511
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e7b81487e145d5e5146ec72eeb07ba0534c3e669f59d31ec454773eb41074c
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
965db2c7e59eddc548f11a407826d4011bd1fb0548eb809aa520f0c028f6666e
979e5b9071bc724db9a99becbb2f1a791caf48bc81ae8c36103d524e39e762d3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9bb0909bb5cd0ea049d7921eab7aafd9b83f9b3ea304c74724d1725bfe26dc1e
9d694894966c7f5afa4a385050f69eaee5cfa721a769604c445572e556430e84
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10555f86d9e4efa75fa7db4e0c612f5417b5080732ae4ddbb76e53357bffc05
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a26ac93994296f80e2265b345403a4eaf4a9d8c691f9827c07bddad96e26f22c
a2fbba9b29e03bc95f82c719ccd3cd621b1557957be5ede1af60593879fa56d3
a4321968bf85319f71bd1cea8c65f10143878cc04571888e8d13d22be4d9c141
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e32439b6aa7dd5ed332df202018024741dab865fab6e28b814743b88147ef9
a9909a7c4dd4438756e4b4be26995edb66c619cce1735121d658a388e765e56d
ae7ac02dac97a4d3cfc9e53b94b29e957300756be95d93ac7dbc5c1ff1bd4f8f
ae8ed491ed84b8c9e256e3f67f618bc24383dd3ae0e8b7bb74c4164dc30a8526
b2e27662134e4c70fbf79d10d4395709c236637ea5b51d86926c85f7711d2930
bd0ccdfeb27fe7b6fc022f02f464c9a1bf08ca24ea0ae5a0ab7f0c9c2e7513d2
c170482218e793d1a3da73fc642267cbea3ee4f0c296ad779291d0011b433c4e
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cad827e249e99ce48c3883ffcc3dc14dbc294603927f6640cea4c6336f0f3417
d48fd8bedd0b7fba4f94f47fcb8dc6ac87253575081450925b38ebae236520b4
d7cac58e57bd6674aaa4aa24bf3fae773dcc21d93c5c3436377890b7bd754fd3
daa501d47dfaa358b703a25bfc8afa7d4c27ed88d5cf7a704dfe2d386ec5325e
db667b41e50c0e0da64755781aa04a29008c8b59bcb2f24084967da8be8d7951
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa40cf974bf331081abe716aeb30496553eff176a6cd96b730b9f2f1908bb0e
e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a54d63ec13d1e2a8e6998d68ebefa5ad6cf268f9f7cd83d6139c82d4db504a
ebc2ec385d0435cf0f9ecdbd467e094ed588a3c52d224f2a354bddf4fc97c875
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f8e2b7043baa60568c1bd9f437c5f1d743b8d654f53ced8fd6bf6238ea71f8e8
fe8a2ba6849d61b4a362e284652ff2aa7a324281e4a800acc2d1df102859e866

www.gemafina.com Open in urlscan Pro 104.17.32.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

98 %HTTPS

61 %IPv6

26 Domains

37 Subdomains

37 IPs

6 Countries

1323 kBTransfer

3666 kBSize

8 Cookies

14 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gemafina.com Open in urlscan Pro
104.17.32.74 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

98 %
HTTPS

61 %
IPv6

26
Domains

37
Subdomains

37
IPs

6
Countries

1323 kB
Transfer

3666 kB
Size

8
Cookies

117 HTTP transactions
1 data transactions