medmen.com Open in urlscan Pro
107.162.232.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medmen.com/
Effective URL:
https://medmen.com/
Submission: On October 13 via api (October 13th 2022, 2:44:15 am UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 125 HTTP transactions. The main IP is 107.162.232.205, located in United States and belongs to DEFENSE-NET, US. The main domain is medmen.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 4th 2021. Valid for: a year.

This is the only time medmen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	107.162.232.205 107.162.232.205	55002 (DEFENSE-NET) (DEFENSE-NET)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	169.47.214.218 169.47.214.218	36351 (SOFTLAYER) (SOFTLAYER)
3	34.225.222.245 34.225.222.245	14618 (AMAZON-AES) (AMAZON-AES)
11	2600:9000:214... 2600:9000:214f:ba00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
2 6	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	95.101.27.14 95.101.27.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	52.28.103.172 52.28.103.172	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
12	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.214.218.48 18.214.218.48	14618 (AMAZON-AES) (AMAZON-AES)
2	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
4 10	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 4	52.51.145.228 52.51.145.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	193.0.160.33 193.0.160.33	54312 (ROCKETFUEL) (ROCKETFUEL)
2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	52.214.159.83 52.214.159.83	16509 (AMAZON-02) (AMAZON-02)
2	52.236.186.217 52.236.186.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
125	34

26 107.162.232.205 (United States) 1 redirects

ASN55002 (DEFENSE-NET, US)

medmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.47.214.218 (United States)

ASN36351 (SOFTLAYER, US)
PTR: da.d6.2fa9.ip4.static.sl-reverse.com

medmen.usablenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.225.222.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-222-245.compute-1.amazonaws.com

514012152.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:214f:ba00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

8869459.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.27.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-14.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.103.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-172.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.218.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-218-48.compute-1.amazonaws.com

bk.adprimemedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.74 (United States)

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 66.155.71.150 (Portsmouth, United Kingdom) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.145.228 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-145-228.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.0.160.33 (United States)

ASN54312 (ROCKETFUEL, US)

medmen.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.contentful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.159.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-159-83.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	medmen.com 1 redirects medmen.com	2 MB
12	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 993	11 KB
11	doubleclick.net 2 redirects 8869459.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 pubads.g.doubleclick.net — Cisco Umbrella Rank: 446	5 KB
11	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3916	307 KB
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1662 consumer.krxd.net — Cisco Umbrella Rank: 2206 beacon.krxd.net — Cisco Umbrella Rank: 528	183 KB
7	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 362 fonts.googleapis.com — Cisco Umbrella Rank: 44 www.googleapis.com — Cisco Umbrella Rank: 29	188 KB
6	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3534	649 B
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	63 KB
5	google.de 2 redirects www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	basis.net 4 redirects pixel-a.basis.net — Cisco Umbrella Rank: 18309	264 B
4	netmng.com medmen.netmng.com	5 KB
4	bidr.io 2 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6919	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916	72 KB
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 1907 bs.serving-sys.com — Cisco Umbrella Rank: 1148	23 KB
3	igodigital.com 514012152.collect.igodigital.com nova.collect.igodigital.com — Cisco Umbrella Rank: 4831	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	151 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 770	281 B
2	contentful.com cdn.contentful.com — Cisco Umbrella Rank: 9087	1 KB
2	acuityplatform.com acuityplatform.com — Cisco Umbrella Rank: 1236	1012 B
2	adprimemedia.net bk.adprimemedia.net	2 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 632	521 B
2	usablenet.com medmen.usablenet.com	2 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9732	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1984	22 KB
125	25

	Domain	Requested by
26	medmen.com	1 redirects medmen.com
12	pixel.mathtag.com	8869459.fls.doubleclick.net pixel.mathtag.com
11	images.ctfassets.net	medmen.com
6	pixel.sitescout.com	medmen.com 8869459.fls.doubleclick.net
6	8869459.fls.doubleclick.net	2 redirects medmen.com www.googletagmanager.com adservice.google.com
6	www.google-analytics.com	medmen.com www.google-analytics.com az416426.vo.msecnd.net
5	cdn.krxd.net	medmen.com cdn.krxd.net
5	maps.googleapis.com	medmen.com maps.googleapis.com az416426.vo.msecnd.net
4	pixel-a.basis.net	4 redirects
4	medmen.netmng.com	8869459.fls.doubleclick.net medmen.netmng.com
4	segment.prod.bidr.io	2 redirects 8869459.fls.doubleclick.net
3	www.google.de	medmen.com
3	www.google.com	medmen.com
3	stats.g.doubleclick.net	az416426.vo.msecnd.net
3	www.googletagmanager.com	medmen.com www.googletagmanager.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	cdn.contentful.com	az416426.vo.msecnd.net
2	pubads.g.doubleclick.net	8869459.fls.doubleclick.net bk.adprimemedia.net
2	acuityplatform.com	8869459.fls.doubleclick.net pixel.mathtag.com
2	bk.adprimemedia.net	8869459.fls.doubleclick.net
2	insight.adsrvr.org	8869459.fls.doubleclick.net
2	adservice.google.de	2 redirects
2	adservice.google.com	8869459.fls.doubleclick.net
2	consumer.krxd.net	cdn.krxd.net
2	secure-ds.serving-sys.com	www.googletagmanager.com az416426.vo.msecnd.net
2	nova.collect.igodigital.com	medmen.com
2	static.hotjar.com	medmen.com www.googletagmanager.com
2	medmen.usablenet.com	medmen.com medmen.usablenet.com
1	www.googleapis.com	az416426.vo.msecnd.net
1	beacon.krxd.net	cdn.krxd.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	up.pixel.ad	www.googletagmanager.com
1	az416426.vo.msecnd.net	medmen.com
1	fonts.googleapis.com	medmen.com
1	514012152.collect.igodigital.com	medmen.com
125	37

This site contains no links.

Subject Issuer	Validity	Valid
*.medmen.com Go Daddy Secure Certificate Authority - G2	`2021-12-04` - `2022-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.usablenet.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-02` - `2022-12-03`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
adprimemedia.net R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2022-04-11` - `2023-05-13`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-04`	a year	crt.sh
cdn.contentful.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2022-09-07` - `2023-09-02`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://medmen.com/
Frame ID: 6C62F29FAB87A7B66F5782B86F21F79B
Requests: 80 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576
Frame ID: CDCDABF2DDC8FA45019485A19EA1CA03
Requests: 1 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Frame ID: ADED3CA620BDAC0A55E7E313E13BFAD8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 450F4E87F90AD74B9FFF622BAEB14BE8
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: E8DF3B0F068AAD3C3A7454B9D8CB2DC0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Frame ID: 8E1D1B8A9862C2FC1B31A4A26C71C4A0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Frame ID: 7A059E9941968CB52B48EC74741F281A
Requests: 1 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Frame ID: 17A4E814B2EBD8EFD9D52EB2F004E6FF
Requests: 12 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Frame ID: 1D49C45EF1CAE42CB1AA69FEF1894B52
Requests: 12 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
Frame ID: B146606C8F8C26E1EACADBAE84F64043
Requests: 3 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
Frame ID: 611DF0D0622F9D72672D11AF66C69D10
Requests: 3 HTTP requests in this frame

Frame: https://medmen.usablenet.com/pt/switch
Frame ID: 1011AC63792CF084D7987AA614DEF09A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 1DEDE9C3A52F6829898C4F92AD78E452
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 5AF8DC7F2E16C35FBBC231E3D55A7B3C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: DD8C493CBCB64AC0161B8D57C974D410
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedMen Cannabis Dispensaries and Delivery Service

Page URL History Show full URLs

http://medmen.com/ HTTP 302
https://medmen.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

UsableNet (Accessibility) Expand

Overall confidence: 100%
Detected patterns

\.usablenet\.com/pt/

Page Statistics

125
Requests

97 %
HTTPS

37 %
IPv6

25
Domains

37
Subdomains

34
IPs

6
Countries

2867 kB
Transfer

8976 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medmen.com/ HTTP 302
https://medmen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576 HTTP 302
https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576

Request Chain 46

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F HTTP 302
https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Request Chain 70

https://adservice.google.de/ddm/fls/i/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F HTTP 302
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Request Chain 72

https://adservice.google.de/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/ HTTP 302
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/

Request Chain 92

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Request Chain 95

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 96

https://pixel-a.basis.net/iap/d46ec517f54be3d6 HTTP 301
https://pixel.sitescout.com/iap/d46ec517f54be3d6

Request Chain 97

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Request Chain 100

https://pixel-a.basis.net/iap/d46ec517f54be3d6 HTTP 301
https://pixel.sitescout.com/iap/d46ec517f54be3d6

Request Chain 101

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
medmen.com/
Redirect Chain

http://medmen.com/
https://medmen.com/

470 KB
74 KB

3824ms
3711ms

Document
text/html

107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 77011865eb33d5bd4b1c16353d1e810a70afbc20afaffe8c9e860a912db3e0f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Oct 2022 02:44:01 GMT
ETag: W/"75866-YcW4wFBJqY3juyDnx4rQxqhfZlE"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 fra1-bit15028

Redirect headers

Connection: close
Content-Length: 0
Location: https://medmen.com/

GET
H/1.1 200
OK bundle.34f5a2e0.css
medmen.com/static/css/ 143 KB
25 KB 755ms
660ms Stylesheet
text/css 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/static/css/bundle.34f5a2e0.css
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 9d9e3ba3e9fb4d819be63139f0b2bbc2d3781ee07188945de9c641a039faa85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:02 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"23ae9-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK bundle.34f5a2e0.js Show response
medmen.com/static/js/ 6 MB
2 MB 761ms
665ms Script
application/javascript 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/static/js/bundle.34f5a2e0.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: bf7952a6fd01124941dc6fb60d86de951edbb1df3b2190ca95fb112c463e4445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:02 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"59d720-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 169 KB
56 KB 115ms
51ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

dae23cdaecef04da336a0145738bf29f537f3d55005cb70f4909819bd0c8baa3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:01 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=30
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56571
x-xss-protection: 0
expires: Thu, 13 Oct 2022 03:14:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 67ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112939841-1

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

126a469f2c88dab0c487aec6a4cfd637d49286c454cfa3e262113c78e54f2625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42420
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 00:01:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 200 start Show response
medmen.usablenet.com/pt/ 2 KB
1 KB 559ms
136ms Script
text/javascript 169.47.214.218
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://medmen.usablenet.com/pt/start

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.47.214.218 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

da.d6.2fa9.ip4.static.sl-reverse.com

Software

Resource Hash

ec5e8bed881ff353262f240dbde1c2061ac7344a41031db2fdd5ccf69ef604f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600, public
content-encoding: gzip
date: Thu, 13 Oct 2022 02:44:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8

GET
H2 200 collect.js Show response
514012152.collect.igodigital.com/ 8 KB
2 KB 350ms
97ms Script
application/javascript 34.225.222.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://514012152.collect.igodigital.com/collect.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.222.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-222-245.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 22:24:33 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK mobile-menu.d9fe4230.svg
medmen.com/static/media/ 278 B
788 B 177ms
173ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu.d9fe4230.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: b7844d240d400c2e9c62cf3ec3a2381ced604a9a3d99793399a8ca315efad7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:02 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"116-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 278

GET
H/1.1 200
OK logo-red.4ec39e62.svg
medmen.com/static/media/ 4 KB
2 KB 178ms
173ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/logo-red.4ec39e62.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 847ced341e460ec43012f8c38c591165bac938facc323f54837722e9c7f0a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:02 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"11fa-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK cart.7291935a.svg
medmen.com/static/media/ 1001 B
1 KB 348ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/cart.7291935a.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 8cf2c7d8af5c7956d251f5e8f2da1cf4b4b1caae90c833fe0975b14c1d55b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"3e9-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 1001

GET
H2 200 Buds.svg
images.ctfassets.net/1ehd3ycc3wzr/5JzXalDdwbTcfb8woWATHt/914a69536951e37b00e1f2ef4c5d1308/ 12 KB
6 KB 59ms
11ms Image
image/svg+xml 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/5JzXalDdwbTcfb8woWATHt/914a69536951e37b00e1f2ef4c5d1308/Buds.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0299010fa4343141a7594d5cec7db707b346bcc368ea576006d5aab02134b4ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:27:52 GMT
content-encoding: gzip
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 17:57:40 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 51371
etag: W/"80c5058e56b0f8cd1ccdda0bbabcb3b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: A6R5yFt6G05jZa4GycZgcl1OPoB-zlbyqcPSJo3-C2GzIbHQCJD6Sg==

GET
H2 200 Heavy_Hitters_Logo.png
images.ctfassets.net/1ehd3ycc3wzr/4rzWsJgzz5RryeVXELZLpQ/322b0d089e6f258f33db1127664da081/ 15 KB
15 KB 60ms
12ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/4rzWsJgzz5RryeVXELZLpQ/322b0d089e6f258f33db1127664da081/Heavy_Hitters_Logo.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e90f0012a362fb14430780526b9e402aba14f7b6dbc75fd2efbf616e06fb7550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:27:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Thu, 29 Aug 2019 23:39:38 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 51371
etag: "36cb3a593f53e5ecf2cca1f86ea11d4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 15408
x-amz-cf-id: ufCzBSxVUZQ4YD-Em34WVE_eyaGogzbqpGB3QUAuty_1IUC_RJPv3w==

GET
H2 200 absolutextracts.png
images.ctfassets.net/1ehd3ycc3wzr/5R7YEblajyjZgZERChvgha/ac0d58e70f977a5a2de26a6349948bea/ 16 KB
16 KB 230ms
182ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/5R7YEblajyjZgZERChvgha/ac0d58e70f977a5a2de26a6349948bea/absolutextracts.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f67fad2dd7e776266c41833db8c19f6dc97b0e8de3ee5772b76aaf12324d5b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:03 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 17:49:45 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
etag: "80ef71abeed079cf91c7beca33203449"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 16501
x-amz-cf-id: jDCJevg1wj-fE8K019D0NlQOlM5amWU3Df_1mTCtvKq-l0GkiVZY7Q==

GET
H2 200 ember_valley.png
images.ctfassets.net/1ehd3ycc3wzr/6ivNJiIok5yIekoOzFS5gi/5312ea5d05bced457a015e8edae531bf/ 13 KB
13 KB 69ms
21ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/6ivNJiIok5yIekoOzFS5gi/5312ea5d05bced457a015e8edae531bf/ember_valley.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: dbade9fc7804fdde4df09f2347a3e8963b8372080a72168c072a8e1785720787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:27:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Mon, 09 Mar 2020 21:27:06 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 51371
etag: "f3c3c38ff395ac4b4b11b7d8cd294b1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 12951
x-amz-cf-id: 87iKQ8kq9TFJBEXvnDs0E13T1mkPctw56EefFOW5Z5eDblajBmlj7Q==

GET
H2 200 MedMen_Red_Logo_New.png
images.ctfassets.net/1ehd3ycc3wzr/1meeFShx0z3OoiK8uj3Qde/33d9919c4826c6dca21d7c3d2fa27141/ 11 KB
12 KB 60ms
19ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/1meeFShx0z3OoiK8uj3Qde/33d9919c4826c6dca21d7c3d2fa27141/MedMen_Red_Logo_New.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0e8d74933941c5f4c66965bc03201feb1ed18ea7043381b1800312790b748ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:27:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jan 2021 23:08:54 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 51371
etag: "04b69ce35932526911e61012808d2a20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 11523
x-amz-cf-id: R8jo1KZwylI2DSoBTtnnPbQP2ziKlMJviQKjMd__m-4Cl-7ZnH4-QA==

GET
H2 200 Connected_cannabis.png
images.ctfassets.net/1ehd3ycc3wzr/7lgTMIHh9DJvzAtf6NPJRS/d16b5524e310500a825d57344f9f23bb/ 10 KB
11 KB 12ms
11ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/7lgTMIHh9DJvzAtf6NPJRS/d16b5524e310500a825d57344f9f23bb/Connected_cannabis.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 88611d2586ceee667592bf2ea0177f402ce0d62e704e05ee2c49692c4d056729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:32:05 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 21:21:34 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 36718
etag: "4b2aabcd08a671d05a77f362aa1b2efa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 10705
x-amz-cf-id: 6gymD9NUQab_Oq7PiVKg7Mgm1Pv5BkMVEbYnQcS5l6Zn57qGuhWHkw==

GET
H2 200 dosist_Logo_3x.png
images.ctfassets.net/1ehd3ycc3wzr/6F2Ng2lm1h3brCQST0th2f/a90971f67f6c0fdf2c48cdcf0792da46/ 9 KB
9 KB 198ms
198ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/6F2Ng2lm1h3brCQST0th2f/a90971f67f6c0fdf2c48cdcf0792da46/dosist_Logo_3x.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6a8a4f512f8e31acb546d771fd89edc7739e42d7648cf2c967948f01b90f23c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:03 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 21:31:16 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
etag: "f2427a8d6dee1949b50a8bff95bdb5a0"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 9097
x-amz-cf-id: C4YJ0XU28tzkDJ0rXcQu15k3kNE-8fzobi24DGfij5sSBR2d4mcqvg==

GET
H2 200 Selfies.png
images.ctfassets.net/1ehd3ycc3wzr/riKihHrSkmvmbd9H89qcP/2644c25ddfbcc05d05a59cdc1f3a2419/ 22 KB
22 KB 12ms
12ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/riKihHrSkmvmbd9H89qcP/2644c25ddfbcc05d05a59cdc1f3a2419/Selfies.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b65f633aea7131a659841b62fef2e8b2bc197d817eea62167f791d96b0ee4759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:27:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 20:40:33 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 51371
etag: "a7e0801ac5121bec754d6a33280b459d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 22567
x-amz-cf-id: ZqRXCKuDRrOUVNk51VrwKgJaALl3rCb4hT_Q_J5vPyxpc1YiKq1ImA==

GET
H2 200 kikoko_logo.png
images.ctfassets.net/1ehd3ycc3wzr/mP6cHv5AaY80C9QE4Bu03/34eb41c3feadb5bb4d6bdc086606655a/ 12 KB
13 KB 317ms
317ms Image
image/png 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/mP6cHv5AaY80C9QE4Bu03/34eb41c3feadb5bb4d6bdc086606655a/kikoko_logo.png
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b1d75085991d82b73c1cdc9d3f6327738a24e3325c37cb8973e85dab1ced38c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:04 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Sat, 07 Mar 2020 00:25:48 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
etag: "03ea6ee6202e173e60bf0c6d8f64157c"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 12622
x-amz-cf-id: kz1UA_zDJBv4azpE6iib38ffYp18hZZC_UcI_JZMlDTriLHG2rMfvQ==

GET
H/1.1 200
OK carousel-button-left-active.1b666abf.svg
medmen.com/static/media/ 605 B
1 KB 172ms
171ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/carousel-button-left-active.1b666abf.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: cf65d62fb3ec5362f85dd40c33c764080ccc48bcdf53966998b8f01c7383819c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"25d-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 605

GET
H/1.1 200
OK spectrum-cbd-rich.53e71e18.svg
medmen.com/static/media/ 1 KB
1 KB 172ms
172ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-cbd-rich.53e71e18.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 6a6d4824e6def41b36e70379f1ff05bb76973a230edfffe7e24f37744bdf4d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"570-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK spectrum-sativa.443aaed4.svg
medmen.com/static/media/ 3 KB
2 KB 173ms
173ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-sativa.443aaed4.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 7c1d2644d6cdb3e55150b1032af04d8f1f73588ac3cef941225104ba101d7a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"b57-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK spectrum-sativa-dominant.b7b30db9.svg
medmen.com/static/media/ 3 KB
2 KB 170ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-sativa-dominant.b7b30db9.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 897956186ac43cefcb48717a28c1e75c4ca72a6f32563c3243c9d15e4d273d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"d0c-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK spectrum-hybrid.c897358c.svg
medmen.com/static/media/ 4 KB
2 KB 171ms
171ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-hybrid.c897358c.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 510559c471361a46e15b4c55cc6890d4157b63d6e735af8ce628db9caf1ea990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"ee6-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK spectrum-indica-dominant.e077fe9b.svg
medmen.com/static/media/ 1 KB
1 KB 170ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-indica-dominant.e077fe9b.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: daf8570a19fd2adf99c6ad2704af079de87f8236253820a02d1d2e94c0c9c9e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"57a-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK spectrum-indica.507f3861.svg
medmen.com/static/media/ 1 KB
1 KB 171ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/spectrum-indica.507f3861.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 1c16eab81de9135313e30f36ea0413693b0e94f53f37d28cf7452a9360ca8c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"429-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-facebook-off.bdffbd54.svg
medmen.com/static/media/ 3 KB
2 KB 171ms
171ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-facebook-off.bdffbd54.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: ff90cc4ac0935612385a6962684ec5b4c94efb7607357dcd93d3b0147932d76c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"bbc-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-facebook-on.2444a8e0.svg
medmen.com/static/media/ 3 KB
2 KB 170ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-facebook-on.2444a8e0.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: e2928858da99fb4e62826a3ae19a8d26d7e7209c35ac928235ce188f7652d794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"bbc-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-twitter-off.7c147182.svg
medmen.com/static/media/ 4 KB
3 KB 171ms
171ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-twitter-off.7c147182.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 1d1ef128acbbfdc0850ab9a1d26fcb6e2b01c6dc85777b73e98d8162699885fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"101b-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-twitter-on.f449cb62.svg
medmen.com/static/media/ 4 KB
3 KB 170ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-twitter-on.f449cb62.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 7bccbf4fac8c424d82fcdcf7cce8771cafd3d205591d7195a27d91e62002c4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"101b-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-instagram-off.d85212f2.svg
medmen.com/static/media/ 3 KB
2 KB 169ms
169ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-instagram-off.d85212f2.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 73ddca1d5c05c6cc15bafa1e66f73de96d9768271e9b7c85d39b055665761d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"d55-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-footer-social-instagram-on.1fd0b77e.svg
medmen.com/static/media/ 5 KB
2 KB 172ms
172ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-instagram-on.1fd0b77e.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 769e4e838034e05d5ec90c655dfec2600cab746d9b727a1dd5599b9e84a1c27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"12a6-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK mobile-menu-angle.8636f384.svg
medmen.com/static/media/ 566 B
1 KB 170ms
170ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu-angle.8636f384.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 392d444ec1716b26a509753ba295c253dae2afb791a3513cd13ac799d5650554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"236-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 566

GET
H/1.1 200
OK mobile-menu-plus.760c6f47.svg
medmen.com/static/media/ 398 B
908 B 169ms
169ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu-plus.760c6f47.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: b63c729cbabbefcab2bb40ba388e90ced9ea85386d97df723efb5811b07fe8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"18e-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 398

GET
H/1.1 200
OK mobile-menu-close.9f65624b.svg
medmen.com/static/media/ 350 B
860 B 170ms
169ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu-close.9f65624b.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: a1454f94371ba5d171b5e0460fc61d78f5744c1ad229f7e28470319506a9b544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"15e-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 350

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 57ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass

Requested by

Host: medmen.com
URL: https://medmen.com/static/css/bundle.34f5a2e0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d57b8fbc5f90f3a703c3d39f9398fb84c57497cc2f17c23a974a6abbb0e54fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 02:19:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
68 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8806e8d06a794504a045a6323a70be887485ff71a2509ea5edaa0e5b82d22cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69624
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 00:01:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
446 B 58ms
24ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medmen.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 01:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 13 Oct 2022 03:01:59 GMT

GET
H2 200 tbth5qz56.js Show response
cdn.krxd.net/controltag/ 26 KB
8 KB 40ms
6ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 859
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7432
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000060-IAD, cache-fra19167-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1665629043.904185,VS0,VE1
etag: "751300fbe8f36832e62f8d94a631e1df4b33df7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 21, 1

GET
H2 200 hotjar-2370412.js Show response
static.hotjar.com/c/ 4 KB
3 KB 47ms
10ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2370412.js?sv=6

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

2335ec3d5694098dfddc832d91d36bf09028bc916e78743059411ba00b1c53c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 24
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f5cc5ec7251b18b076edad0b810003e7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: UQkuT0jgZsT5BF9F4gM6UVlUejQKZFSFWkvGU8nuNtfjlR-MWThOag==

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/514012152/ 43 B
687 B 109ms
109ms Image
image/gif 34.225.222.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/514012152/track_page_view?payload=%7B%22title%22%3A%22MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service%22%2C%22url%22%3A%22https%3A%2F%2Fmedmen.com%2F%22%2C%22referrer%22%3A%22%22%7D

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.222.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-222-245.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-runtime: 0.007507
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: bad21093-7a25-444c-a1e1-bcd8bfe6acf8

GET
H3

200

activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576 Show response
8869459.fls.doubleclick.net/ Frame CDCD
Redirect Chain

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576?
https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576?

494 B
408 B

56ms
26ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576?

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

cfd831da814fcc5c4d4539f774c5d1a025e3d315f1d1f3615ced2b9a3b967c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK map-marker-w-person-red.8fa097a2.svg
medmen.com/static/media/ 2 KB
1 KB 737ms
667ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/map-marker-w-person-red.8fa097a2.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: dc3abfa81bf126b2f141735f1c0f78feb649ce3d483a216a5245766ff243ad10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"835-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK header-triangle.a5f8b9e9.svg
medmen.com/static/media/ 160 B
669 B 735ms
674ms Image
image/svg+xml 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/header-triangle.a5f8b9e9.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 67945f239be12624d8f67a31a6743530bde14f078cd6a2a07eda0dc1d7681c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"a0-18367686370"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 160

GET
H/1.1 200
OK AvenirNextLTPro-Regular.otf
medmen.com/fonts/ 65 KB
39 KB 682ms
668ms Font
font/otf 107.162.232.205
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/fonts/AvenirNextLTPro-Regular.otf
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.232.205 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a

Request headers

Referer: https://medmen.com/
Origin: https://medmen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Via: 1.1 fra1-bit15028
Last-Modified: Thu, 22 Sep 2022 22:53:58 GMT
ETag: W/"104f0-18367686370"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: font/otf
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 47ms
9ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1539
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ca8b4391-701e-003d-10aa-de6681000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 13 Oct 2022 03:14:02 GMT

GET
H3

200

activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F Show response
8869459.fls.doubleclick.net/ Frame ADED
Redirect Chain

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F?
https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmed...

476 B
404 B

48ms
25ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

e0b34d30508f5290750b9a385c7ec1f711b51d73ef3b8ce38d94a55a6c429907

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2370412.js Show response
static.hotjar.com/c/ 4 KB
3 KB 9ms
9ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2370412.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

2335ec3d5694098dfddc832d91d36bf09028bc916e78743059411ba00b1c53c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 24
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f5cc5ec7251b18b076edad0b810003e7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: ui01AudkPT7RRPFSxA5ecFNF8Kilh4fUS7DLIRcDdIHDjc310QehZA==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 69 KB
21 KB 61ms
7ms Script
application/javascript 95.101.27.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:55:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"095a7b562e641bfc203fc3ef9697c6bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: OKmx5PtSztdP8-FTyRy2YSFA71nq4sivrRBl3n7X9GWbp4Tnyt_FKw==
content-length: 21355

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 95ms
12ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 593095
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 76b4acaa192bdc90ad217eb4a91e4340

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112939841-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4422e1544e5a7cdfab731872c8631919ce964a684b529298b57ce187842d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42428
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 00:01:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 278768
age: 14505099
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84742
x-served-by: cache-fra19167-FRA
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1665629043.919317,VS0,VE0
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 43ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 03:36:18 GMT

GET
H2 200 modules.bcd9ade6b0bb9bdd0789.js Show response
script.hotjar.com/ 254 KB
65 KB 33ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bcd9ade6b0bb9bdd0789.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2370412.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 137756
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66262
last-modified: Tue, 11 Oct 2022 12:27:49 GMT
etag: "c874db56accb04836744269ac062cb73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6B9oI4xoM1lkYM9Jn1x76GwPM5mOo1-GyuUarf1tOyn0Ub-pvT9XLQ==

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 450F 805 B
827 B 7ms
6ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42348100
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Thu, 13 Oct 2022 02:44:02 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 174891
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-fra19167-FRA
x-timer: S1665629043.964328,VS0,VE0

GET
H2 200 tbth5qz56.js Show response
cdn.krxd.net/controltag/ Frame 450F 26 KB
8 KB 8ms
8ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 13 Oct 2022 02:44:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 859
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7432
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000060-IAD, cache-fra19167-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1665629043.993192,VS0,VE0
etag: "751300fbe8f36832e62f8d94a631e1df4b33df7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 21, 2

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame E8DF 2 KB
1 KB 37ms
10ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2370412.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-65.fra53.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 753355
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id: PK3xf-Bfo051FMPIxTG0PeVfAH4Dh6JhnVbfh05A7TzCEwmsJ57HQA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=957292714&t=pageview&_s=1&dl=https%3A%2F%2Fmedmen.com%2F&ul=en-us&de=UTF-8&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIJRAAAACAMI~&jid=1456908330&gjid=1947900187&cid=1330979381.1665629043&tid=UA-112939841-1&_gid=592906672.1665629043&_r=1&gtm=2wgaa0N7J8WCW&z=920237409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 109 KB
42 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TL8KZ2F&t=gtag_UA_112939841_1&cid=1330979381.1665629043

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb7588d0d2bb57a8e0de0fb5cf5dde4fc1bb6ff8bc2047603a92289c99311bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 13 Oct 2022 02:44:03 GMT

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ 234 B
426 B 80ms
42ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b1ce6ee9230efeb04a3e32ac6d6e564ea192399e6b1e815c516a895e27a3817f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: consumer-a008-dub-prod.krxd.net, cache-fra19161-FRA
date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1665629043.072920,VS0,VE29
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 187
x-cache-hits: 0, 0

GET
H2 200 dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 8E1D 475 B
849 B 95ms
52ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4147e3e871c613942d59094658cb7ebd07d11dc339f6bcd9230126ebf438461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10566 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/6/ 2 KB
968 B 127ms
89ms XHR
application/octet-stream 95.101.27.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/6/10566
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cb9389308a294f1aa4b8e85da093d2fb1e86f89688a1cf39b5983e0d8d6ecb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: ol8.Xn8XQNG0gq4EdEiEWGSTSzEjQoBs
content-encoding: gzip
date: Thu, 13 Oct 2022 02:44:03 GMT
last-modified: Tue, 09 Feb 2021 16:50:50 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "5f3a2e7fd180ef4ab6589cd46b70c80b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=20
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-amz-cf-id: cT5tK8hr7bONX1kLBPGG8lTgdRIIQmLcKyqzHUCf_nicqoNZqIdjWA==
content-length: 637

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https:... Frame 7A05 493 B
453 B 123ms
86ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03e84c07e868503beb81317859720a4578a366b6f5593207e39a57f3ba33b8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 60ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1456908330&gjid=1947900187&_gid=592906672.1665629043&_u=aGDACEIIRAAAACAMI~&z=1207877578

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ Frame 450F 259 KB
83 KB 6ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 278769
age: 14505099
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84742
x-served-by: cache-fra19167-FRA
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1665629043.051117,VS0,VE0
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=957292714&t=pageview&_s=1&dl=https%3A%2F%2Fmedmen.com%2F&ul=en-us&de=UTF-8&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUILRAAAACAMI~&jid=1530281897&gjid=608331610&cid=1330979381.1665629043&tid=UA-112939841-1&_gid=592906672.1665629043&_r=1&gtm=2ouaa0&z=612117931

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ Frame 450F 219 B
279 B 38ms
38ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d399bfaa5c7094b8900ee5c7ad973949763deff94c8bc1d5381a3b1e3cb34d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: consumer-a005-dub-prod.krxd.net, cache-fra19161-FRA
date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1665629043.120379,VS0,VE32
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 179
x-cache-hits: 0, 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 68ms
26ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1456908330&_u=aGDACEIIRAAAACAMI~&z=1557298142

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 61ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1456908330&_u=aGDACEIIRAAAACAMI~&z=1557298142

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1530281897&gjid=608331610&_gid=592906672.1665629043&_u=aGDACUILRAAAACAMI~&z=1011184006

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F Show response
8869459.fls.doubleclick.net/ddm/fls/r/ Frame 17A4
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmed...

2 KB
1002 B

28ms
25ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

b69e30289715aeff61f0e88e1ae3d6dec6d5899142385f99920c20969d024b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 977
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Thu, 13 Oct 2022 02:44:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Serving Show response
bs.serving-sys.com/ 385 B
871 B 217ms
13ms Script
text/html 52.28.103.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10566&dispType=js&sync=0&sessionid=5360960237939783964&pageurl=$$https%3A%2F%2Fmedmen.com%2F$$&activityValues=$$Session%3D6113059583465981889$$&ns=0&rnd=38496190387424667&uinadv=%7B%7D
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.103.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-103-172.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 488b605296cae89f86ef1f7c02000d9bc53a59f0d50760289c2c4b1a705f1811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 290
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3

200

/ Show response
8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref... Frame 1D49
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref...
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.5...

2 KB
1002 B

30ms
28ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

b69e30289715aeff61f0e88e1ae3d6dec6d5899142385f99920c20969d024b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 977
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Thu, 13 Oct 2022 02:44:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 26ms
26ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1530281897&_u=aGDACUILRAAAACAMI~&z=1530416774

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=1530281897&_u=aGDACUILRAAAACAMI~&z=1530416774

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 17A4 70 B
261 B 102ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1bqaots&ct=0:yfhoofy&fmt=3
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 17A4 2 KB
3 KB 60ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x32 config:1.0.0 /
Resource Hash: 396ce957bfecca4f7b13f625e4636663b13c341989e04e526e29931d9f871254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x32 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2052
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H/1.1 200
OK apbWVkbWVuLWNvbnRhaW5lcjE5.js Show response
bk.adprimemedia.net/k/audq/p/ Frame 17A4 707 B
803 B 317ms
96ms Script
application/javascript 18.214.218.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.218.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-218-48.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / PHP/5.6.40
Resource Hash: c18e23c034ab18d4712bb92c6420c48968309a28d4799303ef350b4f48b75eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 359
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 1D49 70 B
260 B 95ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1bqaots&ct=0:yfhoofy&fmt=3
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1D49 2 KB
3 KB 55ms
24ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x12 config:1.0.0 /
Resource Hash: e2e10acb73873567d8a4953e52f9d1fae7121d620cd04a065018b97bd3893dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2052
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H/1.1 200
OK apbWVkbWVuLWNvbnRhaW5lcjE5.js Show response
bk.adprimemedia.net/k/audq/p/ Frame 1D49 707 B
803 B 315ms
99ms Script
application/javascript 18.214.218.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.218.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-218-48.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / PHP/5.6.40
Resource Hash: c18e23c034ab18d4712bb92c6420c48968309a28d4799303ef350b4f48b75eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 359
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame B146 713 B
1 KB 23ms
23ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x13 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Thu, 13 Oct 2022 02:44:03 GMT
Expires: Thu, 13 Oct 2022 02:44:02 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4539 98cc2da master cdg-pixel-x13 config:1.0.0

GET
H/1.1 200 3770478739069386752
acuityplatform.com/Adserver/pxl/ Frame 17A4 70 B
506 B 128ms
15ms Image
image/png 154.59.122.74
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acuityplatform.com/Adserver/pxl/3770478739069386752
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.59.122.74 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png
Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 17A4 0
481 B 20ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x11 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H/1.1 200 3770478739069386752
acuityplatform.com/Adserver/pxl/ Frame 1D49 70 B
506 B 129ms
20ms Image
image/png 154.59.122.74
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acuityplatform.com/Adserver/pxl/3770478739069386752
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.59.122.74 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png
Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 611D 713 B
1 KB 33ms
20ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x31 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Thu, 13 Oct 2022 02:44:03 GMT
Expires: Thu, 13 Oct 2022 02:44:02 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4539 98cc2da master cdg-pixel-x31 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 1D49 0
480 B 33ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x9 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame B146 0
481 B 19ms
18ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x12 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 200 switch Show response
medmen.usablenet.com/pt/ Frame 1011 1 KB
687 B 135ms
134ms Document
text/html 169.47.214.218
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.usablenet.com/pt/switch
Requested by: Host: medmen.usablenet.com
URL: https://medmen.usablenet.com/pt/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.47.214.218 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: da.d6.2fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 55df69f1421400dfd2e26fe0eee4066ec286f342d562a77a8f80e3a3d18a1401

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29030400, public
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 13 Oct 2022 02:44:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 611D 0
481 B 20ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x10 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:03 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:02 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1DED 0
0 73ms
21ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 1d1a95d7722f377e
pixel.sitescout.com/up/ 43 B
267 B 74ms
22ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/1d1a95d7722f377e?cntr_url=https%3A%2F%2Fmedmen.com%2F
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 17A4
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

43 B
796 B

28ms
28ms

Image
image/gif

52.51.145.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F

Protocol

HTTP/1.1

Server

52.51.145.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-145-228.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1
Date: Thu, 13 Oct 2022 02:44:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 x-medmen;ord=1665629043
pubads.g.doubleclick.net/activity;dc_iu=/6105/ Frame 17A4 42 B
107 B 116ms
62ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6105/x-medmen;ord=1665629043

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 17A4 314 B
1 KB 377ms
17ms Script
text/javascript 193.0.160.33
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.33 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eb5a28919967c713f79430f3d4ca950ff1c79072ce4806a552ca11c221042ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Last-Modified: Tue, 11 Oct 2022 02:44:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:03 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 5AF8
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

23ms
22ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

d46ec517f54be3d6
pixel.sitescout.com/iap/ Frame 17A4
Redirect Chain

https://pixel-a.basis.net/iap/d46ec517f54be3d6
https://pixel.sitescout.com/iap/d46ec517f54be3d6

0
191 B

25ms
24ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/d46ec517f54be3d6
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CInEuduX3PoCFc7s1QodXdEHBw;src=8869459;type=general;cat=retar0;ord=8246673847397;gtm=2wgaa0;auiddc=1937625470.1665629043;~oref=https%3A%2F%2Fmedmen.com%2F
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/d46ec517f54be3d6
content-length: 0

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 1D49
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

43 B
796 B

28ms
28ms

Image
image/gif

52.51.145.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/

Protocol

HTTP/1.1

Server

52.51.145.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-145-228.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1
Date: Thu, 13 Oct 2022 02:44:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 x-medmen;ord=1665629043
pubads.g.doubleclick.net/activity;dc_iu=/6105/ Frame 1D49 42 B
533 B 105ms
60ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6105/x-medmen;ord=1665629043

Requested by

Host: bk.adprimemedia.net
URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 1D49 314 B
1 KB 375ms
22ms Script
text/javascript 193.0.160.33
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.33 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eb5a28919967c713f79430f3d4ca950ff1c79072ce4806a552ca11c221042ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Last-Modified: Tue, 11 Oct 2022 02:44:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:03 GMT

GET
H2

204

d46ec517f54be3d6
pixel.sitescout.com/iap/ Frame 1D49
Redirect Chain

https://pixel-a.basis.net/iap/d46ec517f54be3d6
https://pixel.sitescout.com/iap/d46ec517f54be3d6

0
191 B

26ms
25ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/d46ec517f54be3d6
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 13 Oct 2022 02:44:03 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/d46ec517f54be3d6
content-length: 0

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame DD8C
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

24ms
23ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CMSDuduX3PoCFQLqUQodbGQEvg;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6645113201531.576;~oref=https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 13 Oct 2022 02:44:03 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 17A4 1 B
1 KB 17ms
17ms Script
text/javascript 193.0.160.33
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F&cch
Requested by: Host: medmen.netmng.com
URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.33 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Last-Modified: Tue, 11 Oct 2022 02:44:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:03 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 1D49 1 B
1 KB 18ms
17ms Script
text/javascript 193.0.160.33
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F&cch
Requested by: Host: medmen.netmng.com
URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.33 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 02:44:03 GMT
Last-Modified: Tue, 11 Oct 2022 02:44:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:03 GMT

GET
H2 200 1wEMRDAHuwW2FW1VVZbQH3 Show response
cdn.contentful.com/spaces/1ehd3ycc3wzr/environments/master/assets/ 914 B
1 KB 8ms
8ms XHR
application/vnd.contentful.delivery.v1+json 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/1ehd3ycc3wzr/environments/master/assets/1wEMRDAHuwW2FW1VVZbQH3

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

c6ce1b075399309e341fbaac153a1453af5b95c9cc1ef0bf3b5d9c922d067f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer 3a1fbd8bd8285a5ebe9010b17959d62fed27abc42059373f3789023bb7863a06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:05 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
contentful-cache: HIT
contentful-api: cda
age: 37064
cf-organization-id: 0tiBXlXu4Iy9txUK7I2tXw
cf-environment-uuid: 49532c5e-2e40-455e-931a-3a6560831926
x-cache: HIT
cf-space-id: 1ehd3ycc3wzr
content-length: 914
x-served-by: cache-ewr18141-EWR, cache-hhn4021-HHN
x-contentful-request-id: 9e03b881-ad11-4162-8ab1-8ee6f64abdfa
cf-environment-id: master
server: Contentful
x-timer: S1665629045.442903,VS0,VE1
etag: "12470501305375559985"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
x-contentful-route: /spaces/:space/environments/:environment/assets/:id
x-contentful-region: us-east-1
x-cache-hits: 3, 1

OPTIONS
H2 204 1wEMRDAHuwW2FW1VVZbQH3
cdn.contentful.com/spaces/1ehd3ycc3wzr/environments/master/assets/ Frame 0
0 142ms
95ms Preflight 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/1ehd3ycc3wzr/environments/master/assets/1wEMRDAHuwW2FW1VVZbQH3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://medmen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 0
date: Thu, 13 Oct 2022 02:44:05 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 1072, 0
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: b9770c74-ea6f-4dd7-9996-54f83a4b7cd6
x-served-by: cache-ewr18169-EWR, cache-hhn4021-HHN
x-timer: S1665629045.347500,VS0,VE88

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
239 B 126ms
29ms Script
text/javascript 52.214.159.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.159.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-159-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8098b1725a46dd6f73f2ab4b83460074c685d4293800962b9b3cab3d5baf5196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 13 Oct 2022 02:44:05 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1665629045
content-type: text/javascript

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 374ms
374ms XHR
application/json 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e727dbf54f63c36592eea21725f4b4f870120cd825f2046732d99df5ae98799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 88FECEA7-2184-4441-AE06-F513A65EF1BB
strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 210ms
20ms Preflight 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://medmen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 20ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=957292714&t=pageview&_s=1&dl=https%3A%2F%2Fmedmen.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUILRAAAACAMI~&jid=57766402&gjid=980761420&cid=1330979381.1665629043&tid=UA-112939841-1&_gid=592906672.1665629043&_r=1&_slc=1&z=139300832

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/514012152/ 43 B
716 B 112ms
112ms Image
image/gif 34.225.222.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/514012152/track_page_view?payload=%7B%22item%22%3A%22%22%2C%22title%22%3A%22MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service%22%2C%22url%22%3A%22https%3A%2F%2Fmedmen.com%2F%22%2C%22referrer%22%3A%22%22%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.222.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-222-245.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-runtime: 0.011486
date: Thu, 13 Oct 2022 02:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: 9cdc5edd-188e-4624-a915-fa1b64a9a9b2

POST
H2 200 geolocate Show response
www.googleapis.com/geolocation/v1/ 102 B
527 B 101ms
59ms XHR
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3926074008346284c065b1a4b104f00f2253468fa024b9ed4d8f0f01c16f1511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medmen.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=57766402&gjid=980761420&_gid=592906672.1665629043&_u=aGDACUILRAAAACAMI~&z=1520219590

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 56ms
26ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=57766402&_u=aGDACUILRAAAACAMI~&z=2088820024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112939841-1&cid=1330979381.1665629043&jid=57766402&_u=aGDACUILRAAAACAMI~&z=2088820024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
maps.googleapis.com/maps/api/geocode/ 19 KB
2 KB 104ms
103ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/geocode/json?latlng=51.8586368,8.1657856&key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

f1573ac0cfb177615d94920b035a8c7edcdb2f389b5a4edc29f75b89bd9251e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 02:44:05 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
server-timing: gfet4t7; dur=83
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1628
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Rectangle.jpg
images.ctfassets.net/1ehd3ycc3wzr/1wEMRDAHuwW2FW1VVZbQH3/13891a50225d08be29c818367ae98925/ 95 KB
95 KB 85ms
84ms Image
image/webp 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/1wEMRDAHuwW2FW1VVZbQH3/13891a50225d08be29c818367ae98925/Rectangle.jpg?fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6ccde8596638d69f2e402159c04f6262e28c2f3752e273946a93ca5266bd8e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:05 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 11:44:03 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
etag: "a91376b667783b821a93c130279f951b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 96824
x-amz-cf-id: oI7N4_eTFRF-jkXHSD1ZBuKEOT094TM9sjrnesK5Z4zu0PJ7Z8xKFg==

GET
H2 200 Rectangle.jpg
images.ctfassets.net/1ehd3ycc3wzr/1wEMRDAHuwW2FW1VVZbQH3/13891a50225d08be29c818367ae98925/ 95 KB
95 KB 10ms
10ms Image
image/webp 2600:9000:214f:ba00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/1ehd3ycc3wzr/1wEMRDAHuwW2FW1VVZbQH3/13891a50225d08be29c818367ae98925/Rectangle.jpg?fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6ccde8596638d69f2e402159c04f6262e28c2f3752e273946a93ca5266bd8e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:44:05 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 11:44:03 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
etag: "a91376b667783b821a93c130279f951b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 96824
x-amz-cf-id: 0b37gi62_w4mqAzfatMWiB_Y2ZaTLlSWKSxc-J4AIFmEs99CU2F4bg==

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 248 KB
68 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69614
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 19:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:38:31 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 165 KB
61 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61951
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 19:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:38:31 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 17A4 0
490 B 41ms
41ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x35 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:13 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x35 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:12 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 1D49 0
490 B 37ms
36ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x32 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:13 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x32 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:12 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame B146 0
489 B 17ms
17ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x7 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=08456347-7b73-4100-ae9a-09c615af2bd3&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:13 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:12 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 611D 0
490 B 28ms
28ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4539 98cc2da master cdg-pixel-x10 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=96ab6347-7b73-4500-9925-d528cfce8d1a&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 02:44:13 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 13 Oct 2022 02:44:12 GMT

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medmen.com/	1970-01-20 08:50:05	Name: _gcl_au Value: 1.1.1937625470.1665629043
.medmen.com/	1970-01-20 16:16:29	Name: _ga Value: GA1.2.1330979381.1665629043
.medmen.com/	1970-01-20 06:41:55	Name: _gid Value: GA1.2.592906672.1665629043
.igodigital.com/	1970-01-20 16:16:29	Name: igodigitaltc2 Value: e5d1af78-4aa0-11ed-a539-86742ec14394
.igodigital.com/	1970-01-20 06:40:32	Name: igodigitalst_514012152 Value: e5d1b676-4aa0-11ed-a539-86742ec14394
.igodigital.com/	1970-01-20 06:40:32	Name: igodigitalstdomain Value: 2000030287
.medmen.com/	1970-01-20 06:40:29	Name: _gat_UA-112939841-1 Value: 1
medmen.com/	1970-01-20 15:26:05	Name: ai_user Value: qxKk4\|2022-10-13T02:44:03.004Z
.medmen.com/	1970-01-20 06:40:29	Name: _gat_gtag_UA_112939841_1 Value: 1
.medmen.com/	1970-01-20 15:26:05	Name: _hjSessionUser_2370412 Value: eyJpZCI6IjJhMDExNTllLTM1ZjctNTA0My1iNTc1LWEwYmI0OGRjNGI5MCIsImNyZWF0ZWQiOjE2NjU2MjkwNDMwNjYsImV4aXN0aW5nIjpmYWxzZX0=
.medmen.com/	1970-01-20 06:40:30	Name: _hjFirstSeen Value: 1
medmen.com/	1970-01-20 06:40:29	Name: _hjIncludedInSessionSample Value: 0
.medmen.com/	1970-01-20 06:40:30	Name: _hjSession_2370412 Value: eyJpZCI6IjE4MjY0ZmYzLWY5ZGEtNDMyYy04NTIzLTI5MmU1YmMxNDhiZCIsImNyZWF0ZWQiOjE2NjU2MjkwNDMwOTQsImluU2FtcGxlIjpmYWxzZX0=
.medmen.com/	1970-01-20 06:40:30	Name: _hjAbsoluteSessionInProgress Value: 0
.krxd.net/	1970-01-20 10:59:41	Name: _kuid_ Value: PIniRESG
.doubleclick.net/	1970-01-20 16:02:05	Name: IDE Value: AHWqTUlCZCLsSK9lMSW5wN62S5gozA79ydhT_aZTUlvrb6_4F5cTgt4zFjN9I03l6eY
.mathtag.com/	1970-01-20 16:06:24	Name: uuid Value: 96ab6347-7b73-4500-9925-d528cfce8d1a
.mathtag.com/	1970-01-20 07:23:41	Name: mt_misc Value: mt_bt:1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_10566 Value: 1
.serving-sys.com/	1970-01-20 08:50:05	Name: OT2 Value: 0002B61rmy
.serving-sys.com/	1970-01-20 08:50:05	Name: u2 Value: 987972d7-dab9-468b-bdaf-91ea6711ef694Je060
.acuityplatform.com/	1970-01-20 15:26:05	Name: auid Value: 698899616991
.bidr.io/	1970-01-20 16:09:02	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 16:09:02	Name: bito Value: AAEy9U7GjvcAAB4tae75Ww
.netmng.com/	1970-01-20 16:09:17	Name: u Value: 2FE3AF7A-F870-4D47-A412-4D84AC8E2C6E
.netmng.com/	1970-01-20 11:04:00	Name: evo5 Value: 8uryoq6pzkfdm%7CO%7CTWpWdlNtcDFWRzh3Y1dkak5XdEpTekZhWVhZNWRXSXhOVFpDYW1wU09FZHVjVVk0ZFhCdFIxRmhaMFoxY1ZONmVXUmhjRmRUU2xWRk1VMWhaalpMTVhkeVNEZEVSMmhqWkdKQk5TODBla1IxWWtKMFFuRlpOa0ZhZVVkRWRtbzFaVUpEY0RSdlZ6ZDNSVEU0TjA1V1psVm9SVkJPT1VaMk9ISTRSelkzTkZoaVpWVk1UekZzYlZWQmVEZElOVWhqT0dVM2JGQkpLMkp0VFRrMlltMXllalV5UVcweEswdHNiM1JYV2tKUmNGbzBURk55TURCTmJERk9XbXBtZWtkTVZYbHVhbTlFWW01Mk16RnhUVUo2YTIxR2ExbFBZVEYxUTJWemFtdFNOVU16TlRWaE1Fa3dkSFJQZEc1c1RucFNVMUJ5ZUZSamEwVlFaek5xYW14TWNnPT06K2hEYm95SllNNXZ2OEpIQlJ4cDY5QT09
medmen.com/	1969-12-31 23:59:59	Name: TSce839be1027 Value: 08134aeec9ab2000c2cc3c45f1f7bc13f671c18cdbfc7ded0d07449d0f6ec042f9322123334f0ade08a747d40d11300048acc654e3a2d89c8e4a40ab99c27efe29a7d13576e61e0c58314a9e7f5e3e16166e189f9251c8bf48ce85c657baf092
medmen.com/	1969-12-31 23:59:59	Name: BUILD_NUMBER Value: 49808
.medmen.com/	1970-01-20 06:40:29	Name: _gat Value: 1
medmen.com/	1970-01-20 06:40:30	Name: ai_session Value: H5SU3\|1665629043115\|1665629045344
medmen.com/	1970-01-20 06:41:55	Name: LAST_HEADER_STORE Value: Los%20Angeles%20-%20DTLA%20(S.%20Broadway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

514012152.collect.igodigital.com
8869459.fls.doubleclick.net
acuityplatform.com
adservice.google.com
adservice.google.de
az416426.vo.msecnd.net
beacon.krxd.net
bk.adprimemedia.net
bs.serving-sys.com
cdn.contentful.com
cdn.krxd.net
consumer.krxd.net
dc.services.visualstudio.com
fonts.googleapis.com
images.ctfassets.net
insight.adsrvr.org
maps.googleapis.com
medmen.com
medmen.netmng.com
medmen.usablenet.com
nova.collect.igodigital.com
pixel-a.basis.net
pixel.mathtag.com
pixel.sitescout.com
pubads.g.doubleclick.net
script.hotjar.com
secure-ds.serving-sys.com
segment.prod.bidr.io
static.hotjar.com
stats.g.doubleclick.net
up.pixel.ad
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
107.162.232.205
13.32.27.54
143.204.215.65
151.101.114.49
151.101.130.133
151.101.194.133
154.59.122.74
169.47.214.218
172.217.18.6
178.79.242.181
18.214.218.48
193.0.160.33
2.18.233.201
2600:9000:214f:ba00:12:94b3:c380:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c1b::9b
34.225.222.245
35.71.131.137
52.214.159.83
52.236.186.217
52.28.103.172
52.51.145.228
65.9.66.91
66.155.71.150
95.101.27.14
0299010fa4343141a7594d5cec7db707b346bcc368ea576006d5aab02134b4ce
03e84c07e868503beb81317859720a4578a366b6f5593207e39a57f3ba33b8e0
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0e8d74933941c5f4c66965bc03201feb1ed18ea7043381b1800312790b748ca3
126a469f2c88dab0c487aec6a4cfd637d49286c454cfa3e262113c78e54f2625
1c16eab81de9135313e30f36ea0413693b0e94f53f37d28cf7452a9360ca8c12
1d1ef128acbbfdc0850ab9a1d26fcb6e2b01c6dc85777b73e98d8162699885fe
1eb5a28919967c713f79430f3d4ca950ff1c79072ce4806a552ca11c221042ec
21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a
2335ec3d5694098dfddc832d91d36bf09028bc916e78743059411ba00b1c53c0
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3926074008346284c065b1a4b104f00f2253468fa024b9ed4d8f0f01c16f1511
392d444ec1716b26a509753ba295c253dae2afb791a3513cd13ac799d5650554
396ce957bfecca4f7b13f625e4636663b13c341989e04e526e29931d9f871254
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
488b605296cae89f86ef1f7c02000d9bc53a59f0d50760289c2c4b1a705f1811
48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e
4d399bfaa5c7094b8900ee5c7ad973949763deff94c8bc1d5381a3b1e3cb34d3
510559c471361a46e15b4c55cc6890d4157b63d6e735af8ce628db9caf1ea990
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55df69f1421400dfd2e26fe0eee4066ec286f342d562a77a8f80e3a3d18a1401
67945f239be12624d8f67a31a6743530bde14f078cd6a2a07eda0dc1d7681c01
6a6d4824e6def41b36e70379f1ff05bb76973a230edfffe7e24f37744bdf4d80
6a8a4f512f8e31acb546d771fd89edc7739e42d7648cf2c967948f01b90f23c0
6ccde8596638d69f2e402159c04f6262e28c2f3752e273946a93ca5266bd8e10
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
73ddca1d5c05c6cc15bafa1e66f73de96d9768271e9b7c85d39b055665761d23
769e4e838034e05d5ec90c655dfec2600cab746d9b727a1dd5599b9e84a1c27b
77011865eb33d5bd4b1c16353d1e810a70afbc20afaffe8c9e860a912db3e0f3
7bccbf4fac8c424d82fcdcf7cce8771cafd3d205591d7195a27d91e62002c4c2
7c1d2644d6cdb3e55150b1032af04d8f1f73588ac3cef941225104ba101d7a35
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
8098b1725a46dd6f73f2ab4b83460074c685d4293800962b9b3cab3d5baf5196
847ced341e460ec43012f8c38c591165bac938facc323f54837722e9c7f0a3b7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8806e8d06a794504a045a6323a70be887485ff71a2509ea5edaa0e5b82d22cc2
88611d2586ceee667592bf2ea0177f402ce0d62e704e05ee2c49692c4d056729
897956186ac43cefcb48717a28c1e75c4ca72a6f32563c3243c9d15e4d273d5c
8cf2c7d8af5c7956d251f5e8f2da1cf4b4b1caae90c833fe0975b14c1d55b0e6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e727dbf54f63c36592eea21725f4b4f870120cd825f2046732d99df5ae98799
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d9e3ba3e9fb4d819be63139f0b2bbc2d3781ee07188945de9c641a039faa85b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1454f94371ba5d171b5e0460fc61d78f5744c1ad229f7e28470319506a9b544
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
b1ce6ee9230efeb04a3e32ac6d6e564ea192399e6b1e815c516a895e27a3817f
b1d75085991d82b73c1cdc9d3f6327738a24e3325c37cb8973e85dab1ced38c8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b63c729cbabbefcab2bb40ba388e90ced9ea85386d97df723efb5811b07fe8f1
b65f633aea7131a659841b62fef2e8b2bc197d817eea62167f791d96b0ee4759
b69e30289715aeff61f0e88e1ae3d6dec6d5899142385f99920c20969d024b66
b7844d240d400c2e9c62cf3ec3a2381ced604a9a3d99793399a8ca315efad7ad
bb7588d0d2bb57a8e0de0fb5cf5dde4fc1bb6ff8bc2047603a92289c99311bab
bf7952a6fd01124941dc6fb60d86de951edbb1df3b2190ca95fb112c463e4445
c18e23c034ab18d4712bb92c6420c48968309a28d4799303ef350b4f48b75eee
c6ce1b075399309e341fbaac153a1453af5b95c9cc1ef0bf3b5d9c922d067f5f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9389308a294f1aa4b8e85da093d2fb1e86f89688a1cf39b5983e0d8d6ecb86
cf65d62fb3ec5362f85dd40c33c764080ccc48bcdf53966998b8f01c7383819c
cfd831da814fcc5c4d4539f774c5d1a025e3d315f1d1f3615ced2b9a3b967c7f
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d4147e3e871c613942d59094658cb7ebd07d11dc339f6bcd9230126ebf438461
d57b8fbc5f90f3a703c3d39f9398fb84c57497cc2f17c23a974a6abbb0e54fae
dae23cdaecef04da336a0145738bf29f537f3d55005cb70f4909819bd0c8baa3
daf8570a19fd2adf99c6ad2704af079de87f8236253820a02d1d2e94c0c9c9e7
dbade9fc7804fdde4df09f2347a3e8963b8372080a72168c072a8e1785720787
dc3abfa81bf126b2f141735f1c0f78feb649ce3d483a216a5245766ff243ad10
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0b34d30508f5290750b9a385c7ec1f711b51d73ef3b8ce38d94a55a6c429907
e2928858da99fb4e62826a3ae19a8d26d7e7209c35ac928235ce188f7652d794
e2e10acb73873567d8a4953e52f9d1fae7121d620cd04a065018b97bd3893dc2
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4422e1544e5a7cdfab731872c8631919ce964a684b529298b57ce187842d879
e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0
e90f0012a362fb14430780526b9e402aba14f7b6dbc75fd2efbf616e06fb7550
ec5e8bed881ff353262f240dbde1c2061ac7344a41031db2fdd5ccf69ef604f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1573ac0cfb177615d94920b035a8c7edcdb2f389b5a4edc29f75b89bd9251e2
f67fad2dd7e776266c41833db8c19f6dc97b0e8de3ee5772b76aaf12324d5b1d
ff90cc4ac0935612385a6962684ec5b4c94efb7607357dcd93d3b0147932d76c

medmen.com Open in urlscan Pro 107.162.232.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

97 %HTTPS

37 %IPv6

25 Domains

37 Subdomains

34 IPs

6 Countries

2867 kBTransfer

8976 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medmen.com Open in urlscan Pro
107.162.232.205 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

97 %
HTTPS

37 %
IPv6

25
Domains

37
Subdomains

34
IPs

6
Countries

2867 kB
Transfer

8976 kB
Size

31
Cookies

125 HTTP transactions
0 data transactions