www.newseasonsmarket.com Open in urlscan Pro
44.240.23.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newseasonsmarket.com/
Effective URL:
https://www.newseasonsmarket.com/
Submission: On September 01 via manual (September 1st 2021, 10:04:39 am UTC) from GB

Summary HTTP 167 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 72 IPs in 7 countries across 63 domains to perform 167 HTTP transactions. The main IP is 44.240.23.106, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.newseasonsmarket.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 18th 2020. Valid for: 2 years.

This is the only time www.newseasonsmarket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	44.240.23.106 44.240.23.106	16509 (AMAZON-02) (AMAZON-02)
21	2600:9000:224... 2600:9000:2240:9000:f:4d5a:3340:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:252f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2 7	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	206.81.5.96 206.81.5.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	38.68.201.139 38.68.201.139	174 (COGENT-174) (COGENT-174)
8 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	38.67.14.225 38.67.14.225	174 (COGENT-174) (COGENT-174)
2 5	52.30.200.197 52.30.200.197	16509 (AMAZON-02) (AMAZON-02)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	52.55.91.197 52.55.91.197	14618 (AMAZON-AES) (AMAZON-AES)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	13.32.120.62 13.32.120.62	16509 (AMAZON-02) (AMAZON-02)
3	193.0.160.49 193.0.160.49	54312 (ROCKETFUEL) (ROCKETFUEL)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223c:5c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 8	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	34.197.168.203 34.197.168.203	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.112.109 18.66.112.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13 18	34.253.133.188 34.253.133.188	16509 (AMAZON-02) (AMAZON-02)
1 4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
3 7	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2600:1f18:612... 2600:1f18:612b:4200:3aa:8894:1069:c551	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.158.92.16 18.158.92.16	16509 (AMAZON-02) (AMAZON-02)
2	54.171.152.112 54.171.152.112	16509 (AMAZON-02) (AMAZON-02)
2 5	3.64.144.49 3.64.144.49	16509 (AMAZON-02) (AMAZON-02)
2 4	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.90.180 3.120.90.180	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.121.105 13.32.121.105	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	3.93.127.70 3.93.127.70	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 4	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 3	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
16 22	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2	13.32.121.108 13.32.121.108	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	3.228.45.187 3.228.45.187	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
167	72

14 44.240.23.106 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-23-106.us-west-2.compute.amazonaws.com

newseasonsmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newseasonsmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2240:9000:f:4d5a:3340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.newseasonsmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:252f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5295329.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:bac8 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.81.5.96 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: dev9.fw2.xt.com.tr

www.mnixpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.201.139 (United States) 1 redirects

ASN174 (COGENT-174, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.67.14.225 (United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.200.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-200-197.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.91.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-91-197.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.120.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-120-62.fra60.r.cloudfront.net

media-cdn.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.49 (United States)

ASN54312 (ROCKETFUEL, US)

newseasons.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcm.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:aef (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.0.160.128 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

20826659p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20820827p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.168.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-168-203.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.253.133.188 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.241 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:3aa:8894:1069:c551 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.92.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.152.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-152-112.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.64.144.49 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.184.216.10 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.90.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-90-180.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-105.fra60.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.127.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-127-70.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.183 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-45-187.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.129.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	newseasonsmarket.com 1 redirects newseasonsmarket.com www.newseasonsmarket.com cdn.newseasonsmarket.com	2 MB
25	adroll.com 15 redirects s.adroll.com d.adroll.com	32 KB
24	simpli.fi 16 redirects i.simpli.fi um.simpli.fi	14 KB
15	doubleclick.net 10 redirects 5295329.fls.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
10	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	9 KB
8	rfihub.com 3 redirects 20826659p.rfihub.com a.rfihub.com p.rfihub.com 20820827p.rfihub.com	11 KB
5	openx.net 2 redirects us-u.openx.net	851 B
5	bidswitch.net 2 redirects x.bidswitch.net	2 KB
5	demdex.net 2 redirects dpm.demdex.net	4 KB
4	tapad.com 2 redirects pixel.tapad.com	2 KB
4	lijit.com 2 redirects ce.lijit.com	2 KB
4	eyeota.net 2 redirects ps.eyeota.net	2 KB
4	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
4	pinterest.com ct.pinterest.com	1 KB
4	facebook.com 1 redirects www.facebook.com	345 B
4	google.com 2 redirects adservice.google.com www.google.com fcmatch.google.com	1 KB
3	advertising.com 2 redirects pixel.advertising.com	793 B
3	exelator.com 1 redirects loadm.exelator.com	2 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com	1 KB
3	yahoo.com ads.yahoo.com ups.analytics.yahoo.com	2 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com	3 KB
3	rubiconproject.com pixel.rubiconproject.com	717 B
3	bluekai.com 1 redirects stags.bluekai.com tags.bluekai.com	2 KB
3	google.de www.google.de adservice.google.de	1 KB
3	facebook.net connect.facebook.net	200 KB
3	netmng.com newseasons.netmng.com gcm.netmng.com tradedesk2waycm.netmng.com Failed	7 KB
3	ipredictive.com media-cdn.ipredictive.com ad.ipredictive.com	9 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	cloudflare.com cdnjs.cloudflare.com	11 KB
2	nr-data.net bam.nr-data.net	469 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	pro-market.net 2 redirects fei.pro-market.net	877 B
2	intentiq.com sync.intentiq.com
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	pubmatic.com image2.pubmatic.com simage2.pubmatic.com	888 B
2	rezync.com 1 redirects live.rezync.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	krxd.net beacon.krxd.net	675 B
2	agkn.com 1 redirects aa.agkn.com	558 B
2	tremorhub.com partners.tremorhub.com simplifi.partners.tremorhub.com	365 B
2	postrelease.com jadserve.postrelease.com	853 B
2	mxptint.net 2 redirects mpp.mxptint.net aep.mxptint.net	1 KB
2	pinimg.com s.pinimg.com	18 KB
1	googleadservices.com 1 redirects www.googleadservices.com	651 B
1	bfmio.com sync.bfmio.com	421 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	taboola.com sync.taboola.com	221 B
1	outbrain.com sync.outbrain.com	477 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	youtube.com fcmatch.youtube.com	546 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	696 B
1	addthis.com x.dlx.addthis.com	191 B
1	geoip-js.com geoip-js.com	367 B
1	rfihub.net c1.rfihub.net	6 KB
1	xad.com bidagent.xad.com	341 B
1	turn.com r.turn.com	407 B
1	mnixpixel.com www.mnixpixel.com	287 B
1	myfonts.net hello.myfonts.net	154 B
1	maxmind.com js.maxmind.com	2 KB
1	googletagmanager.com www.googletagmanager.com	69 KB
0	vmmpxl.com Failed secfld.vmmpxl.com Failed
167	63

	Domain	Requested by
22	um.simpli.fi	16 redirects
21	cdn.newseasonsmarket.com	www.newseasonsmarket.com cdn.newseasonsmarket.com
18	d.adroll.com	13 redirects s.adroll.com www.newseasonsmarket.com
13	www.newseasonsmarket.com	www.newseasonsmarket.com cdn.newseasonsmarket.com
8	cm.g.doubleclick.net	8 redirects
7	ib.adnxs.com	3 redirects www.newseasonsmarket.com
7	s.adroll.com	2 redirects www.googletagmanager.com www.newseasonsmarket.com s.adroll.com
5	us-u.openx.net	2 redirects www.newseasonsmarket.com
5	x.bidswitch.net	2 redirects www.newseasonsmarket.com
5	p.rfihub.com	2 redirects www.newseasonsmarket.com
5	dpm.demdex.net	2 redirects www.newseasonsmarket.com
4	pixel.tapad.com	2 redirects www.newseasonsmarket.com
4	ce.lijit.com	2 redirects www.newseasonsmarket.com
4	ps.eyeota.net	2 redirects www.newseasonsmarket.com
4	sync.search.spotxchange.com	2 redirects www.newseasonsmarket.com
4	ct.pinterest.com	s.pinimg.com www.newseasonsmarket.com
4	www.facebook.com	1 redirects www.newseasonsmarket.com
3	pixel.advertising.com	2 redirects www.newseasonsmarket.com
3	loadm.exelator.com	1 redirects www.newseasonsmarket.com
3	secure.adnxs.com	1 redirects www.newseasonsmarket.com
3	idsync.rlcdn.com	1 redirects www.newseasonsmarket.com
3	dsum-sec.casalemedia.com	1 redirects www.newseasonsmarket.com
3	pixel.rubiconproject.com	www.newseasonsmarket.com
3	connect.facebook.net	www.newseasonsmarket.com connect.facebook.net
3	5295329.fls.doubleclick.net	1 redirects www.googletagmanager.com www.newseasonsmarket.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newseasonsmarket.com
3	cdnjs.cloudflare.com	www.newseasonsmarket.com
2	bam.nr-data.net	js-agent.newrelic.com
2	bcp.crwdcntrl.net	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	eb2.3lift.com	1 redirects www.newseasonsmarket.com
2	live.rezync.com	1 redirects c1.rfihub.net
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	www.newseasonsmarket.com
2	aa.agkn.com	1 redirects www.newseasonsmarket.com
2	ads.yahoo.com	www.newseasonsmarket.com
2	stags.bluekai.com	1 redirects
2	ad.ipredictive.com	www.newseasonsmarket.com
2	www.google.de	www.newseasonsmarket.com
2	www.google.com	1 redirects www.newseasonsmarket.com
2	jadserve.postrelease.com	www.newseasonsmarket.com
2	newseasons.netmng.com	www.newseasonsmarket.com newseasons.netmng.com
2	i.simpli.fi	www.googletagmanager.com i.simpli.fi
2	pubads.g.doubleclick.net	www.newseasonsmarket.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	sync.bfmio.com
1	simplifi.partners.tremorhub.com
1	js-agent.newrelic.com	www.newseasonsmarket.com
1	sync.taboola.com	www.newseasonsmarket.com
1	simage2.pubmatic.com	www.newseasonsmarket.com
1	sync.outbrain.com	www.newseasonsmarket.com
1	ups.analytics.yahoo.com	www.newseasonsmarket.com
1	tags.bluekai.com	www.newseasonsmarket.com
1	image2.pubmatic.com	www.newseasonsmarket.com
1	gcm.netmng.com	www.newseasonsmarket.com
1	20820827p.rfihub.com	1 redirects
1	bpi.rtactivate.com	www.newseasonsmarket.com
1	fcmatch.youtube.com	www.newseasonsmarket.com
1	fcmatch.google.com	1 redirects
1	bs.serving-sys.com	www.newseasonsmarket.com
1	contextual.media.net	www.newseasonsmarket.com
1	partners.tremorhub.com	www.newseasonsmarket.com
1	x.dlx.addthis.com	www.newseasonsmarket.com
1	a.rfihub.com	www.newseasonsmarket.com
1	adservice.google.de	adservice.google.com
1	vars.hotjar.com	static.hotjar.com
1	20826659p.rfihub.com	c1.rfihub.net
1	adservice.google.com	5295329.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	geoip-js.com	js.maxmind.com
1	c1.rfihub.net	www.newseasonsmarket.com
1	media-cdn.ipredictive.com	www.googletagmanager.com
1	bidagent.xad.com	www.newseasonsmarket.com
1	r.turn.com	www.newseasonsmarket.com
1	aep.mxptint.net	1 redirects
1	mpp.mxptint.net	1 redirects
1	www.mnixpixel.com	www.newseasonsmarket.com
1	static.hotjar.com	www.googletagmanager.com
1	hello.myfonts.net	cdn.newseasonsmarket.com
1	js.maxmind.com	www.newseasonsmarket.com
1	www.googletagmanager.com	www.newseasonsmarket.com
1	newseasonsmarket.com	1 redirects
0	tradedesk2waycm.netmng.com Failed	www.newseasonsmarket.com
0	secfld.vmmpxl.com Failed	www.googletagmanager.com
167	88

This site contains links to these domains. Also see Links.

Domain
instacart.newseasonsmarket.com
orders.newseasonsmarket.com
www.grubhub.com
reservation.newseasonsmarket.com
www.instagram.com
cdn.newseasonsmarket.com
thepantry.newseasonsmarket.com
www.facebook.com
twitter.com
instagram.com
www.bcorporation.net

Subject Issuer	Validity	Valid
*.newseasonsmarket.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2022-06-08`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.maxmind.com Sectigo RSA Organization Validation Secure Server CA	`2020-10-07` - `2021-11-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
adroll.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.mnixpixel.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
bidagent.xad.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ipredictive.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-04` - `2022-02-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-11` - `2021-09-09`	3 months	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://www.newseasonsmarket.com/
Frame ID: A97324BC05B907A6DCCC9F9B9DD6D65E
Requests: 141 HTTP requests in this frame

Frame: https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
Frame ID: A91B854CE92EB21155F4DA08F937DA83
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
Frame ID: B2115B2BC76551978B3EBA333D558FE2
Requests: 1 HTTP requests in this frame

Frame: https://20826659p.rfihub.com/ca.html?ver=9&rb=42379&ca=20826659&_o=42379&_t=20826659&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=&ra=634130190986208
Frame ID: A0DA862EDC1D51AFF1166E859A170A55
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 3BA824BBCB7F7F28842C56D2E20415D3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
Frame ID: E0F99AD39643449E9219A779F306BCBC
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=
Frame ID: CB640B719DA1BEEB022CB265C3DD5B77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Seasons Market New Seasons Market | Grocery Stores in the Portland Metro areaPlusPlusPlusPlusPlus

Page URL History Show full URLs

http://newseasonsmarket.com/ HTTP 301
https://www.newseasonsmarket.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

167
Requests

99 %
HTTPS

32 %
IPv6

63
Domains

88
Subdomains

72
IPs

7
Countries

2301 kB
Transfer

4293 kB
Size

0
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://instacart.newseasonsmarket.com/store
Title: Instacart

Search URL Search Domain Scan URL

URL: http://orders.newseasonsmarket.com/?storeid=NSMHPVLY
Title: Happy Valley

Search URL Search Domain Scan URL

URL: http://orders.newseasonsmarket.com/?storeid=NSMWDSTK
Title: Woodstock

Search URL Search Domain Scan URL

URL: https://instacart.newseasonsmarket.com/
Title: Instacart

Search URL Search Domain Scan URL

URL: https://www.grubhub.com/
Title: Grubhub

Search URL Search Domain Scan URL

URL: https://reservation.newseasonsmarket.com/
Title: Shop Reservations

Search URL Search Domain Scan URL

URL: https://instacart.newseasonsmarket.com/store/new-seasons-market/storefront
Title: Save on Instacart Order Online >

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTQf18SDZnN/
Title: Women-owned @nomenwine in Newberg, OR combines the

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTFO_ZbtlPI/
Title: When avocados from Morro Bay, CA grace us with the

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTDp7X9tqrd/
Title: How does winning a $150 Instacart gift card sound?

Search URL Search Domain Scan URL

URL: https://cdn.newseasonsmarket.com/wp-content/uploads/2020/09/NSM_impact_2019_Finalsmall.pdf
Title: Our Impact Report

Search URL Search Domain Scan URL

URL: https://thepantry.newseasonsmarket.com/
Title: Staff Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewSeasonsMarket
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/newseasons
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/newseasonsmarket
Title:

Search URL Search Domain Scan URL

URL: http://www.bcorporation.net/
Title: Logo of the BCORP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newseasonsmarket.com/ HTTP 301
https://www.newseasonsmarket.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://5295329.fls.doubleclick.net/activityi;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F HTTP 302
https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F

Request Chain 31

https://mpp.mxptint.net/2/26331/?rnd=%n&gtmcb=2016729419 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0FBX0UyQjk2NjhEXzUyODM2MA%3D%3D HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CAA_E2B9668D_528360&redir=https://aep.mxptint.net/sn.ashx?ak=1

Request Chain 49

https://s.adroll.com/j/exp/I2HEGJOMNZHW7IKBWOY3FS/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 50

https://s.adroll.com/j/pre/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 77

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3NTgxOTYyMjM3MDIyMzM4Nw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOPb9sOxm2eJumVqOuEmUj4&google_cver=1

Request Chain 78

https://ib.adnxs.com/setuid?entity=18&code=1875819622370223387 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819622370223387

Request Chain 79

https://stags.bluekai.com/site/4722?id=1875819622370223387&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 81

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1875819622370223387&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819622370223387&redir=

Request Chain 82

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward=&C=1

Request Chain 86

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819622370223387&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819622370223387&img=1&__user_check__=1&sync_id=f6800316-0b0b-11ec-8106-14e583300306

Request Chain 90

https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819622370223387&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819622370223387&expires=30

Request Chain 91

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1875819622370223387&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=1875819622370223387&bid=omt9pi0

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YS9QIAAEIMeuOgBg HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YS9QIAAEIMeuOgBg&_test=YS9QIAAEIMeuOgBg

Request Chain 95

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1875819622370223387&referrer=https%3A%2F%2Fwww.newseasonsmarket.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=e45d8483-6453-4234-9568-a91f5c206b9a%3A1630490656.21&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De45d8483-6453-4234-9568-a91f5c206b9a%253A1630490656.21 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=e45d8483-6453-4234-9568-a91f5c206b9a%3A1630490656.21 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQWhUSmhhUU1PQXRUQ2xta0piT21BcVJuTllDdzRKSGUtVDNZZzNHcUd6SQ==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AAAAAGSIF5C5URCFD4GJsIJIUIAEXwFAAAGAgBgQBA4AACBCAEAwEkAAAEAAAIAAAAAAAIAIAAAAACAkAAAAAQIAAIQAAAAQAIAAAIAIACAAAEAAAAAgAAoAQEAAAAAAAAAAAgAAAAAYAQMkQLyFyoiEKGwMDQQCQoQAIigKAAAMBADAACBgAAECEAIBgJIAAAAAAAQAAAAAAAQAQAAAAAABIAAAAAgQAAQgAAAAgAQAAAQAQAEAAAIAAAABAABQAgAAAAAAAAAAABAAAAAAwAgAA.YAAAAAAAA4AA HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVXtIfve-8Qw HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVXtIfve-8Qw

Request Chain 97

https://20820827p.rfihub.com/ca.html?ver=9&rb=39985&ca=20820827&_o=39985&_t=20820827&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=&ra=6466610792721297 HTTP 302
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=ZHdkaWZ6Y2RjaHg1bw==&vid=dwdifzcdchx5o HTTP 302
https://gcm.netmng.com/?id=&vid=dwdifzcdchx5o&google_gid=CAESELxkHwwmiG9uK4s0y9xpOT0&google_cver=1

Request Chain 100

https://dpm.demdex.net/ibs:dpid=640&dpuuid=dwdifzcdchx5o HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=dwdifzcdchx5o

Request Chain 102

https://ib.adnxs.com/setuid?entity=72&code=dwdifzcdchx5o HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Ddwdifzcdchx5o

Request Chain 103

https://secure.adnxs.com/mapuid?member=6928&user=dwdifzcdchx5o HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Ddwdifzcdchx5o

Request Chain 107

https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654 HTTP 302
https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654&dnr=1

Request Chain 108

https://pixel.advertising.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&apid=UPf74df5fc-0b0b-11ec-8f0b-06a17173c662

Request Chain 109

https://x.bidswitch.net/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30

Request Chain 110

https://us-u.openx.net/w/1.0/sd?id=537072967&val=dwdifzcdchx5o HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=dwdifzcdchx5o

Request Chain 111

https://ps.eyeota.net/match?bid=6bmpi0v&uid=dwdifzcdchx5o HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=dwdifzcdchx5o

Request Chain 113

https://match.adsrvr.org/track/cmf/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1 HTTP 302
https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=22075fe1-47e5-40d2-98e1-f60ea3da4f3d

Request Chain 114

https://pixel.tapad.com/idsync/ex/receive?partner_id=3117&partner_device_id=dwdifzcdchx5o HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=dwdifzcdchx5o

Request Chain 115

https://d.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&pv=99216798511.80453&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/2XQNIR3ICZFI5PPTEHOKGH.js

Request Chain 119

https://d.adroll.com/cm/index/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expiration=1662026655

Request Chain 120

https://d.adroll.com/cm/n/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expires=365

Request Chain 121

https://d.adroll.com/cm/onevideo/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 122

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

Request Chain 123

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 124

https://d.adroll.com/cm/taboola/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

Request Chain 125

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 126

https://d.adroll.com/cm/r/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 127

https://d.adroll.com/cm/b/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

Request Chain 128

https://d.adroll.com/cm/x/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

Request Chain 130

https://d.adroll.com/cm/o/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2eeb9ad1c6b5c25ae11d034af459852b

Request Chain 131

https://d.adroll.com/cm/g/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Luua0ca1wlrhHQNK9FmFKw HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 133

https://www.facebook.com/tr/ HTTP 302
https://www.facebook.com/tr/?redirect=0

Request Chain 142

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 143

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 144

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://um.simpli.fi/aa_px?sk=164950903896000130622

Request Chain 146

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 149

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=E139BAD690E84F0C8F5E4B222AB36EBA;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=E139BAD690E84F0C8F5E4B222AB36EBA;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=6161421057984777275

Request Chain 150

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0&xl8blockcheck=1

Request Chain 152

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 153

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 154

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 155

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA&dnr=1

Request Chain 156

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 157

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1630490661707&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JVAvYeLEMKzN7_UPn9-VmA0&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JVAvYeLEMKzN7_UPn9-VmA0&cid=CAQSKQCNIrLM-pNUWU-YlADs2GJCuyrFg5Rdgl8ogMQ9d-hIP_Ww8Kic4_y8&random=947878827 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JVAvYeLEMKzN7_UPn9-VmA0&cid=CAQSKQCNIrLM-pNUWU-YlADs2GJCuyrFg5Rdgl8ogMQ9d-hIP_Ww8Kic4_y8&random=947878827&ipr=y

Request Chain 158

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA&__user_check__=1&sync_id=fa9565a9-0b0b-11ec-9d51-191344880206

Request Chain 159

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 160

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E139BAD690E84F0C8F5E4B222AB36EBA&expires=365

Request Chain 161

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMhcd3tC4-1kPAuEcZKI_ac&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E139BAD690E84F0C8F5E4B222AB36EBA HTTP 302
https://um.simpli.fi/g_match?id=

167 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newseasonsmarket.com/
Redirect Chain

http://newseasonsmarket.com/
https://www.newseasonsmarket.com/

132 KB
35 KB

1375ms
961ms

Document
text/html

44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-23-106.us-west-2.compute.amazonaws.com

Software

nginx / PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1

Resource Hash

2549f0e0b120c2975616dc642161929bbf3f47ee4a51df0e49af7342e557f070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://newleaf.com/
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.newseasonsmarket.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; Expires=Wed, 08 Sep 2021 10:04:13 GMT; Path=/ AWSALBCORS=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; Expires=Wed, 08 Sep 2021 10:04:13 GMT; Path=/; SameSite=None; Secure PHPSESSID=68e57673595a810dc26d6d3f5d38562e; path=/
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.newseasonsmarket.com/wp-json/>; rel="https://api.w.org/" <https://www.newseasonsmarket.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://www.newseasonsmarket.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM https://newleaf.com/
x-content-type-options: nosniff
content-encoding: gzip

Redirect headers

Date: Wed, 01 Sep 2021 10:04:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Set-Cookie: AWSALB=EqyxWKmHYZhGeg463tBXggM6RC3zIHwZ3rKjiH1yVjk1IvozveOcl+lJ+xHpNyuIC3Gy81iICrxw4y/I6pFcTiCByUSKcf+a6hCwbcUx5nADtZn9qKaBOA5aSeus; Expires=Wed, 08 Sep 2021 10:04:12 GMT; Path=/ AWSALBCORS=EqyxWKmHYZhGeg463tBXggM6RC3zIHwZ3rKjiH1yVjk1IvozveOcl+lJ+xHpNyuIC3Gy81iICrxw4y/I6pFcTiCByUSKcf+a6hCwbcUx5nADtZn9qKaBOA5aSeus; Expires=Wed, 08 Sep 2021 10:04:12 GMT; Path=/; SameSite=None
Server: nginx
Location: https://www.newseasonsmarket.com/

GET
H2 200 modernizr-custom.js Show response
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/ 4 KB
2 KB 73ms
9ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/modernizr-custom.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe3cd6e84a6d7193b9640c96ec1aa2c4dbf8211e52f44df5f4dabda72d1d4097

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:14:00 GMT
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1911014
etag: W/"6108168b-1164"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lwRVyegXBn5ppqsSlmhdPyjlu7oRtFcIroZVhYSN9PzXqA6Qg-jaKQ==
expires: Thu, 09 Sep 2021 07:14:00 GMT

GET
H2 200 admin-ajax.php
www.newseasonsmarket.com/wp-admin/ 133 KB
27 KB 558ms
555ms Stylesheet
text/css 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newseasonsmarket.com/wp-admin/admin-ajax.php?action=frmpro_css&ver=8122352

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-23-106.us-west-2.compute.amazonaws.com

Software

nginx / PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1

Resource Hash

98ae4288a7547837ed8e809fd9f3f65ae608250874aad5dcc09f9e8bdc466219

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://newleaf.com/
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-admin/admin-ajax.php?action=frmpro_css&ver=8122352
pragma: no-cache
cookie: AWSALB=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; AWSALBCORS=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; PHPSESSID=68e57673595a810dc26d6d3f5d38562e
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
server: nginx
x-powered-by: PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1
x-frame-options: SAMEORIGIN ALLOW-FROM https://newleaf.com/
content-type: text/css;charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: AWSALB=dtIX7jdw1mo4X1HtzPZ4qQkfgFxi1EbtWcvIP/vg1wP/i76r4UAPobKrlCK2QhWMpbhD6+gJCXIHZ4n49DTy23L1qGZYeKHCiqFSOEo/PHPSC5U+xdm+Zhwzo2U+; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=dtIX7jdw1mo4X1HtzPZ4qQkfgFxi1EbtWcvIP/vg1wP/i76r4UAPobKrlCK2QhWMpbhD6+gJCXIHZ4n49DTy23L1qGZYeKHCiqFSOEo/PHPSC5U+xdm+Zhwzo2U+; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
x-robots-tag: noindex
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 sbi-styles.min.css
cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/css/ 16 KB
3 KB 71ms
7ms Stylesheet
text/css 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.2
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 03:22:26 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:28 GMT
server: nginx
age: 369708
etag: W/"6125b210-41cd"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Rb1L4BTXaN4pXGKVwrsCHylVkx2nPgH4dA3KfBXyeqcLFafp4Grx-A==
expires: Mon, 27 Sep 2021 03:22:26 GMT

GET
H2 200 style.min.css
cdn.newseasonsmarket.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 77ms
15ms Stylesheet
text/css 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-includes/css/dist/block-library/style.min.css?ver=d804ca5e29d7413eda1b7c6c0fcce1ed
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 00:12:22 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 23:51:29 GMT
server: nginx
age: 1677112
etag: W/"6115b401-13abe"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: oOuBzcMVIpYfrfu2Y5merhxOu9XxuZpoUp5P1IilNHtyEOcV8IFYRw==
expires: Sun, 12 Sep 2021 00:12:22 GMT

GET
H2 200 style.css
cdn.newseasonsmarket.com/wp-content/themes/newseasons/ 236 KB
37 KB 78ms
15ms Stylesheet
text/css 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0275adb25bfaff83e5f44c38ee268b6d9802dda2622d2346bc04372cea65cdce

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 06:03:30 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:30 GMT
server: nginx
age: 100844
etag: W/"6125b212-3af50"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 0YeqnHO4nPzw_r2-21q9J03bFlF12-IS30xBhbzJKY5-O6lecKEzhw==
expires: Thu, 30 Sep 2021 06:03:30 GMT

GET
H2 200 fullcalendar.css
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/fullcalendar-2.4.0/ 24 KB
7 KB 71ms
8ms Stylesheet
text/css 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/fullcalendar-2.4.0/fullcalendar.css?etag=1&ver=1629860369
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fef8247223ba9416f62689683488147b54ae56fbd8cfbb72327453b7126aabcd

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 03:09:30 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
age: 629684
etag: W/"6125b211-5f89"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7Bn-ipYvXhqAIo6uhiB7SdpE4fWaAMKN1LkfiCd3kyGxkNZ3ZQWgyA==
expires: Fri, 24 Sep 2021 03:09:30 GMT

GET
H2 200 jquery.min.js Show response
cdn.newseasonsmarket.com/wp-includes/js/jquery/ 87 KB
31 KB 75ms
13ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:06:47 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 19:10:01 GMT
server: nginx
age: 1447047
etag: W/"6116c389-15db1"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NRm_F7dEBvLzP_A6in4-ev_-SbNG6P28XclPWHkJFHE-l-suwc81AQ==
expires: Tue, 14 Sep 2021 16:06:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdn.newseasonsmarket.com/wp-includes/js/jquery/ 11 KB
4 KB 71ms
9ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 00:12:22 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 23:51:29 GMT
server: nginx
age: 1677112
etag: W/"6115b401-2bd8"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZX_NKr4kliWdWKB66qEUqNjrfiHWA-19uLsMXSIgOFr_gagrWUvk4Q==
expires: Sun, 12 Sep 2021 00:12:22 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 18ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.newseasonsmarket.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 721858
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Trogc0T%2FLmqYGoNFPIMADdCIrZ3evxeWJpoX%2FgSLuCTbsIQifWbblVcpe0XAUK0pMfQJeA%2BxpcqjdPaPa3oP5dWarwNmVyL9gNkscoV%2FUl%2BgLpvphGaTuZqGZT3DDq5CulRgk8dY62xvc6dcZ7oE2E%2Bf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687dac5b3c864dd6-FRA
expires: Mon, 22 Aug 2022 10:04:13 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
785 B 14ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.newseasonsmarket.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3468522
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38WFfu9MOZZrv8N6XqyAVWsdR71AYqBQteNKcmHnSOwwsNd7ySnBzOkIu%2BDyPwfaFGm%2FB806mLvl8tH0%2FFTDeGfJphTkUunh%2FI6Fb0Pv%2F2RTP8FW%2F9CFv18CqWuq1hCA8ccCgbSdxQCohRRCdm4Wk4ky"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687dac5b3c824dd6-FRA
expires: Mon, 22 Aug 2022 10:04:13 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
976 B 24ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.newseasonsmarket.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 720436
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmqre3D9JJutanSadcsBLbOX%2FzP7xVCelZZbqlqCq4eLSjosqzX8bYKFhVwtMAG%2FSMmCvw8mVji7jojuXp17RiJw2oTR8rV2tIU50VXwlDvPNb%2BBLw6p0baTXjbwJL%2FJPYXnowNJyWkMoXV4PcuedYQM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687dac5b3c844dd6-FRA
expires: Mon, 22 Aug 2022 10:04:13 GMT

GET
H2 200 logo-newseasons.svg
www.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/logos/ 4 KB
2 KB 184ms
184ms Image
image/svg+xml 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/logos/logo-newseasons.svg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f7d249255cb20736bc87b3399d5a5ae40ff9363f759d759042d04ccca863e47b

Request headers

:path: /wp-content/themes/newseasons/lib/img/logos/logo-newseasons.svg
pragma: no-cache
cookie: AWSALB=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; AWSALBCORS=LL/2IwQjhnQAVpyZLtt2XSigval1Dlmji50fRFTtzAXCu01pUX+zd586CzdcFg41tmkn/N9Zya+hpvpxkWKlCTLd2vrxIfcuSmleBzFRes/D+bz30YrDJCn+FzPf; PHPSESSID=68e57673595a810dc26d6d3f5d38562e
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
etag: W/"6125b211-edb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
set-cookie: AWSALB=oLB7qeWO1kDBmZszm+CbeNJJJ0WLX8yCXyW50GL9ifSrAuV5YiR8iBVJ8obsqn6451A7FRApcFqtZwL+tPjknBuhdJlv8SpVeno9ABwYRoaz4chLaDuy/T/SIws0; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=oLB7qeWO1kDBmZszm+CbeNJJJ0WLX8yCXyW50GL9ifSrAuV5YiR8iBVJ8obsqn6451A7FRApcFqtZwL+tPjknBuhdJlv8SpVeno9ABwYRoaz4chLaDuy/T/SIws0; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:14 GMT

GET
H2 200 placeholder.png
cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/img/ 176 B
556 B 8ms
7ms Image
image/png 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:49:21 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:14 GMT
server: nginx
age: 1905293
etag: "6108168e-b0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 176
x-amz-cf-id: B4e_JSDBJQ6LLkbCwcxDnH8O2UmbX7JTCttty-qeUV5xXh5HuPBi1Q==
expires: Thu, 09 Sep 2021 08:49:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
69 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4230b9972f82da961aae519e85ccf8699f3a30a111ec835a926dffbe526f0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70068
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 10:04:14 GMT

GET
H2 200 sbi-scripts.min.js Show response
cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/js/ 26 KB
8 KB 8ms
7ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.2
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 25ea523d2867c1c5a6e150aa0b4df05d77a1a97c5256061dfbfc32d45743be79

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 00:12:22 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 23:51:32 GMT
server: nginx
age: 1677112
etag: W/"6115b404-6648"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: v_YJ6mvUusyZIiHkhXX2TDIHnV2IZzkkemNz97oK7UKHqqLBBF98kQ==
expires: Sun, 12 Sep 2021 00:12:22 GMT

GET
H2 200 arrow-subscribe.svg
www.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/greenarrows/ 38 KB
14 KB 187ms
187ms Image
image/svg+xml 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/greenarrows/arrow-subscribe.svg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c02a2fa7cfd620d8e266d1134f16f2b47813d1718f879a8fd56a130f71b6cdb6

Request headers

:path: /wp-content/themes/newseasons/lib/img/greenarrows/arrow-subscribe.svg
pragma: no-cache
cookie: AWSALB=oLB7qeWO1kDBmZszm+CbeNJJJ0WLX8yCXyW50GL9ifSrAuV5YiR8iBVJ8obsqn6451A7FRApcFqtZwL+tPjknBuhdJlv8SpVeno9ABwYRoaz4chLaDuy/T/SIws0; AWSALBCORS=oLB7qeWO1kDBmZszm+CbeNJJJ0WLX8yCXyW50GL9ifSrAuV5YiR8iBVJ8obsqn6451A7FRApcFqtZwL+tPjknBuhdJlv8SpVeno9ABwYRoaz4chLaDuy/T/SIws0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
etag: W/"6125b211-9821"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
set-cookie: AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:14 GMT

GET
H2 200 compiled.min.js Show response
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/ 492 KB
151 KB 7ms
7ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/compiled.min.js?etag=1&ver=1629860369
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b44faa96de6df1206b804761538ee09fa32530ad34e694dbf24d1b99f8d46f8

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 03:09:30 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
age: 629684
etag: W/"6125b211-7af64"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: vVg8pyvmhjB7cYujtdF5k0dA_xiweNYOent6zYXtFpswF4OS1oF-ug==
expires: Fri, 24 Sep 2021 03:09:30 GMT

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 53ms
26ms Script
application/javascript 2606:4700::6810:252f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js?ver=1.0
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 19:42:34 GMT
server: cloudflare
age: 1462
etag: W/"612e862a-d69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 687dac5c4b294eaf-FRA
expires: Wed, 01 Sep 2021 22:04:14 GMT

GET
H2 200 jquery.qtip.js Show response
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/ 100 KB
31 KB 8ms
7ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/jquery.qtip.js?ver=d804ca5e29d7413eda1b7c6c0fcce1ed
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 96f1d145e94ac9465613acda7593d4070f6b50e6ad9a58d8154413a57ea0d935

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 00:12:23 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 23:51:34 GMT
server: nginx
age: 1677111
etag: W/"6115b406-190bb"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 66KgN2uKOoWt6OUimRINmmsqp4WxAlf_dP9T33iL31C4cCl4ySpJXw==
expires: Sun, 12 Sep 2021 00:12:23 GMT

GET
H2 200 page-home.js Show response
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/page/ 3 KB
1 KB 8ms
7ms Script
application/javascript 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/js/page/page-home.js?ver=1629860369
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9042deecce18d2dab675d21a95831a696327f912a19f3e608689bac5965af78d

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:37:38 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
age: 624396
etag: W/"6125b211-aad"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: gUhR2XWkeprucq2cxX9v9KpDadroX8AozSxLlGDCIm6qV76l1759fg==
expires: Fri, 24 Sep 2021 04:37:38 GMT

GET
H2 200 print.css
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/css/ 1 KB
912 B 8ms
7ms Stylesheet
text/css 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/css/print.css?etag=1&ver=1629860369
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ade9e8a4c54d9d3466d219dfbd5941f4f54a175b9da86ccc2cfa000458c619ff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 03:09:30 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 02:59:29 GMT
server: nginx
age: 629684
etag: W/"6125b211-4bf"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: njPk0BJEEtZM_VoPGT_gweZQCPs-Tw4-MLB-VAGCd5Km4bjKy2-2Sw==
expires: Fri, 24 Sep 2021 03:09:30 GMT

GET
H2 200 2f3cd9
hello.myfonts.net/count/ 0
154 B 39ms
22ms Stylesheet
text/css 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/2f3cd9
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 687dac5bd887d6f9-FRA
content-length: 0
expires: Thu, 01 Sep 2022 10:04:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1915
date: Wed, 01 Sep 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 11:32:19 GMT

GET
H3-29

200

activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F Show response
5295329.fls.doubleclick.net/ Frame A91B
Redirect Chain

https://5295329.fls.doubleclick.net/activityi;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?
https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.ne...

487 B
407 B

64ms
34ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

f76c4ebb4c6b858478fdfcd505ece8050ad64b0bda348e710beb3f2f8b6e87c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5295329.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newseasonsmarket.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Sep 2021 10:04:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 10:19:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Sep 2021 10:04:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 44 KB
15 KB 27ms
9ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: jmFs7KywGuBDQQS_2esYMgDw6mfwd1hF
Content-Encoding: gzip
ETag: "2441168df9ddcfa64f2b072ba490993a"
x-amz-request-id: XDXCMQR6D23JKQA8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 14510
x-amz-id-2: acN/v3wmX1oMc1BQ3YpyO1mxeAxI0XVr413lkA9cc8Xi+aTHSvBYxaNP1ibPHED6rFrOM8w6KOc=
Last-Modified: Mon, 30 Aug 2021 22:12:49 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 10:04:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 150ms
128ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 1d15fece-2.16.186.183
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H2 200 hotjar-713954.js Show response
static.hotjar.com/c/ 4 KB
2 KB 55ms
53ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-713954.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3dabf1ddfd0663d2f76e02f60df57575cffbdbee8a1025126055f8908691bd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/a90b73e46c191e7602c173546b0c2763
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1962
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-id: CXM2XtYw8qZQ9J1tUTQibGUPdJAY4tFzeMcia6aRJ7VyiEbKWRs_bA==

GET
H2 200 activityi;register_conversion=1;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
5295329.fls.doubleclick.net/ 0
0 31ms
29ms Image
text/html 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5295329.fls.doubleclick.net/activityi;register_conversion=1;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200
OK 764921
www.mnixpixel.com/rt/ 0
287 B 279ms
90ms Image
application/javascript 206.81.5.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mnixpixel.com/rt/764921?p=69741&async=true%27&gtmcb=993550681
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.81.5.96 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: dev9.fw2.xt.com.tr
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
Connection: keep-alive

GET
H2 200 activity;xsp=4330730;ord=1;num='+%20a%20+'
pubads.g.doubleclick.net/ 42 B
220 B 36ms
34ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4330730;ord=1;num='+%20a%20+'?gtmcb=1823428547

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4330724;ord='+%20a%20+'
pubads.g.doubleclick.net/ 42 B
209 B 44ms
42ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4330724;ord='+%20a%20+'?gtmcb=828032973

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CAA_E2B9668D_528360&redir=https://aep.mxptint.net/
Redirect Chain

https://mpp.mxptint.net/2/26331/?rnd=%n&gtmcb=2016729419
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0FBX0UyQjk2NjhEXzUyODM2MA%3D%3D
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CAA_E2B9668D_528360&redir=https://aep.mxptint.net/sn.ashx?ak=1

42 B
945 B

42ms
42ms

Image
image/gif

52.30.200.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CAA_E2B9668D_528360&redir=https://aep.mxptint.net/sn.ashx?ak=1

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.200.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-200-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-02089d59b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K/j7P7NWSQw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CAA_E2B9668D_528360&redir=https://aep.mxptint.net/sn.ashx?ak=1
Date: Wed, 01 Sep 2021 10:04:16 GMT
Cache-Control: private
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 235
Strict-Transport-Security: max-age=-313477456; includeSubDomains
Content-Type: text/html; charset=utf-8

GET
H2 200 beacon
r.turn.com/r/ 43 B
407 B 83ms
43ms Image
image/gif 2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=nCH-78PyeZcOiJyajcX2r-XA3Lx-MLwjTU8fPQrsh15XV6DnilXDhC7IW0_yxAHU5jMms0yht-wigRjRRA_ulg&cid=&bprice=&gtmcb=829454320
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK 191450
bidagent.xad.com/conv/ 42 B
341 B 411ms
100ms Image
image/gif 52.55.91.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/191450?ts=%pord=!?gtmcb=1041593326
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.91.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-91-197.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 200 NSM%20Market_03.woff
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/NSMMarket/ 142 KB
143 KB 27ms
9ms Font
font/woff 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/NSMMarket/NSM%20Market_03.woff
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f60e861eb5ab95e8ab6bc24639e268ee0753b6a006689a08b82c42b87586417c

Request headers

Origin: https://www.newseasonsmarket.com
Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 19:55:34 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1865320
etag: "6108168b-2386c"
x-cache: Hit from cloudfront
content-type: font/woff
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 145516
x-amz-cf-id: vSIHlj0DIJoItTOcoIH0JMTXx16cLgf67APwdtfdb8LlfZhdQqkZxw==
expires: Thu, 09 Sep 2021 19:55:34 GMT

GET
H2 200 nav_caret.svg
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/backgrounds/ 510 B
896 B 7ms
7ms Image
image/svg+xml 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/backgrounds/nav_caret.svg
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 51804a9e6fd0c37bee93765d653d2eb975e30cd4a110ad29e43d1853e1d0fd1e

Request headers

Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 16:42:40 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1876894
etag: "6108168b-1fe"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 510
x-amz-cf-id: Z30Fdd7ElSFArWJtZRYxR8GgYlDNy_olMmvvZZZek9uJlp-nV2b5uw==
expires: Thu, 09 Sep 2021 16:42:40 GMT

GET
H2 200 badge-instagram.png
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/badges/ 3 KB
3 KB 8ms
8ms Image
image/png 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/badges/badge-instagram.png
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fd7eff8dea755b65036efa1df7b8c0e334a0dac4ea16f5ecd1b2ccdf3198db48

Request headers

Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 14:36:37 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
last-modified: Fri, 13 Aug 2021 19:10:06 GMT
server: nginx
age: 1452457
etag: "6116c38e-b62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 2914
x-amz-cf-id: mpySr6ldVB8wcA4Aibl1oIwezV2lgS2RE4cLv7STeddI-GsBKgZ56Q==
expires: Tue, 14 Sep 2021 14:36:37 GMT

GET
H2 200 2F3CD9_4_0.woff2
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/ 191 KB
192 KB 33ms
24ms Font
font/woff2 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/2F3CD9_4_0.woff2
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 570aae8bc07b32bbaa600bb6f4248b3f2cd3131e82e8baecbdf4ccfb77ebaa7a

Request headers

Origin: https://www.newseasonsmarket.com
Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 19:55:34 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1865320
etag: "6108168b-2fcb7"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 195767
x-amz-cf-id: Vqq0cKMnqGiKXp3aORFXdJwgJy9p9IIfhArYjyI1_84W7vQ0yplPZw==
expires: Thu, 09 Sep 2021 19:55:34 GMT

GET
H2 200 hvd_fonts_-_brandongrotesque-regular-webfont.woff2
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/BrandonGrotesqueReg/ 27 KB
28 KB 25ms
17ms Font
font/woff2 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/BrandonGrotesqueReg/hvd_fonts_-_brandongrotesque-regular-webfont.woff2
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e39bce70fe64a7be07b93e4ff13b4f5ccdf59c6f9e0d128d7f5e273f29bba204

Request headers

Origin: https://www.newseasonsmarket.com
Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 19:55:34 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1865320
etag: "6108168b-6cd0"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 27856
x-amz-cf-id: NnezZ13v5ryatO7XWmX2eljwXwWDtLrOoIa3CX6aWi1CGc9LbsCkYg==
expires: Thu, 09 Sep 2021 19:55:34 GMT

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 61ms
20ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=101989&conversion=20&campaign_id=0&m=1&sifi_tuid=59016

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FqCqnJ6z2N0xYOEDb0jh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cirt_v2.min.js Show response
media-cdn.ipredictive.com/js/ 16 KB
6 KB 96ms
22ms Script
application/javascript 13.32.120.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.ipredictive.com/js/cirt_v2.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLHSJ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.120.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-120-62.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 15:40:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2016 03:48:58 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:tpu/gid:20/mode:33188/mtime:1466480833/atime:1466480865/md5:06959ee0164f60e0f6954610590aff8e/ctime:1466480833
Age: 66248
ETag: W/"06959ee0164f60e0f6954610590aff8e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: MYv-MM3w7UJ6MIKPpw7KRlktSnh_XRjbfzD_mQks5K8CwQykrS8zbQ==

GET
H/1.1 200
OK / Show response
newseasons.netmng.com/ 276 B
1 KB 158ms
20ms Script
text/javascript 193.0.160.49
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://newseasons.netmng.com/?aid=5365&siclientid=
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.49 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: fc065b675d4593fb9a2f7265469bd48657017fa9189374ebb6b12fdfeaf4a28b

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:14 GMT
Last-Modified: Mon, 30 Aug 2021 10:04:14 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 30 Aug 2021 10:04:14 GMT

GET /
secfld.vmmpxl.com/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: Mm17VoWJU84UTrp5rQJCjYJ/IOcq7JLGHITjhMdLnUkrzKApMAAov7PT4+vlgpKnbVuv7Q0elZeabV6XxoZByw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Sep 2021 10:04:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 38ms
9ms Script
application/x-javascript 2600:9000:223c:5c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:20:49 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:20:39 GMT
server: Jetty(9.3.29.v20201019)
age: 2605
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-P2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: pGhttEbkyeL526B6W0BWExf4HPvpE__omYCZSxW3x5LrkpQPjFMxNQ==
expires: Wed, 01 Sep 2021 10:20:49 GMT

GET
H2 200 conversion
jadserve.postrelease.com/ 43 B
427 B 303ms
100ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/conversion?ntv_pixel_id=5bb5767a5d5a45a1aafd7a4c12b0d552&ntv_pixel_value=[optional_float]&ord=[cache_buster]
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 rt.gif
jadserve.postrelease.com/ 43 B
426 B 295ms
97ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/rt.gif?ntv_tg=e8cff7bd83404c93b30d1a84121e1795&ord=[cache_buster]
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=947297063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ul=en-us&de=UTF-8&dt=New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=336222676&gjid=1869981829&cid=1763140592.1630490655&tid=UA-24685851-1&_gid=1118244157.1630490655&_r=1&gtm=2wg8u0PLHSJ3&z=355469494

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=947297063&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ul=en-us&de=UTF-8&dt=New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scrolling&ea=%2F&el=Percentage%20Baseline&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=1763140592.1630490655&tid=UA-24685851-1&_gid=1118244157.1630490655&gtm=2wg8u0PLHSJ3&z=408288597

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 20:48:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47739
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/I2HEGJOMNZHW7IKBWOY3FS/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

10ms
10ms

Script
application/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: X7H8MMPX5WFXA520
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: xGc9S8mduswjIqyXNMlFXzdoOZOxNg0LRFjDe4C8oPYlpl3WxL3L2+3UrXKHjSaRBd41njhJebg=
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 10:04:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
719 B

10ms
9ms

Script
application/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 646B3B18FD6BFC2A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: qGk98ZWIiheNdtQZIlY1WAm2EQ/5udBaTnZMZ9/a28PX/cnhkqbHdI2ALa8fb4tQM3Fxjxng/FA=
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 10:04:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/ 0
773 B 256ms
244ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7wkPifij3sRWEVVeQ8elVUQnVzEDb49H
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 09D3VT5HBE05635A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: 9omV7HAxsbSM2B0SBFddbB/YXjt7FOyH1J8ugsBjI96owojf6DA7LWcFUXIvrotLzvExBtfco+w=
Last-Modified: Tue, 31 Aug 2021 17:31:04 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 10:04:15 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 241030337_1161136024408160_2156132143573605691_nfull.jpg
www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/ 100 KB
100 KB 191ms
191ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/241030337_1161136024408160_2156132143573605691_nfull.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c9144a6274f568e7fdb0c4ffdf2d01ee86145f098fd7cec09cbfceb321b8a701

Request headers

:path: /wp-content/uploads/sb-instagram-feed-images/241030337_1161136024408160_2156132143573605691_nfull.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 00:03:23 GMT
server: nginx
etag: W/"612ec34b-18e9d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=1uR5R5QLeVn08y2Eod8J4qB98ssHowWqzweARJu00E3drPgBy2rcWtjEHsCGhpSDYuAlT1FT7pdJbjMYiC8jG/ltjZtlW6JPHcbMqCxla50wauRNY7jSe4Pcc3jJ; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=1uR5R5QLeVn08y2Eod8J4qB98ssHowWqzweARJu00E3drPgBy2rcWtjEHsCGhpSDYuAlT1FT7pdJbjMYiC8jG/ltjZtlW6JPHcbMqCxla50wauRNY7jSe4Pcc3jJ; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:14 GMT

GET
H2 200 240514304_375276354043631_3950269194354001393_nfull.jpg
www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/ 137 KB
137 KB 360ms
359ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/240514304_375276354043631_3950269194354001393_nfull.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 95ec2b27242cfe85a1f63c174c41144ef933473f38efcbce2b24a081e83e6fa2

Request headers

:path: /wp-content/uploads/sb-instagram-feed-images/240514304_375276354043631_3950269194354001393_nfull.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 15:45:42 GMT
server: nginx
etag: W/"612908a6-22364"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=STzEQyGsaXB+pk+sxAcTE72Fko5znVIm1HMgCZpvQDy/jWaZ3eKjA42/uB/CoIg9rkdkS7IGiYbR06C1p8po13XS7MBewmuwsHu1VY9CsuZ32qwfx9NJIa7Qop9M; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=STzEQyGsaXB+pk+sxAcTE72Fko5znVIm1HMgCZpvQDy/jWaZ3eKjA42/uB/CoIg9rkdkS7IGiYbR06C1p8po13XS7MBewmuwsHu1VY9CsuZ32qwfx9NJIa7Qop9M; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:14 GMT

GET
H2 200 240626837_2902044620124068_4071153944897843459_nfull.jpg
www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/ 100 KB
101 KB 356ms
356ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/sb-instagram-feed-images/240626837_2902044620124068_4071153944897843459_nfull.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b38fbe25477dd4b16cab2b521dc82cdfaa018fdf80f8ce6be9c2b62a220aecb0

Request headers

:path: /wp-content/uploads/sb-instagram-feed-images/240626837_2902044620124068_4071153944897843459_nfull.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 00:44:12 GMT
server: nginx
etag: W/"6128355c-190d1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=g8kjzIUoj6f8zRsvs3PNPpCe1fAU0KZ1BlsSdwf89QeStmSEPBhQ4JmvUFSMlQ8iNwz+EqQPLoCNJLcPsa7siU3m3FJrK0pJqtsJivcxLlJAKWbo0FV78pBQA7GP; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=g8kjzIUoj6f8zRsvs3PNPpCe1fAU0KZ1BlsSdwf89QeStmSEPBhQ4JmvUFSMlQ8iNwz+EqQPLoCNJLcPsa7siU3m3FJrK0pJqtsJivcxLlJAKWbo0FV78pBQA7GP; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:14 GMT

GET
H2 200 hvd_fonts_-_brandongrotesque-medium-webfont.woff2
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/BrandonGrotesqueMed/ 28 KB
28 KB 8ms
8ms Font
font/woff2 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/BrandonGrotesqueMed/hvd_fonts_-_brandongrotesque-medium-webfont.woff2
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 24730f735f3d08baf555c3179d7b889d54f6314619fee6b534f7727f4e9bde3a

Request headers

Origin: https://www.newseasonsmarket.com
Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 19:55:36 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1865318
etag: "6108168b-6f20"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 28448
x-amz-cf-id: mgZA_0518MlWg5fxMCNyVxEqvlOORG-DULTz0OSlQV60yqvgesfWmA==
expires: Thu, 09 Sep 2021 19:55:36 GMT

GET
H2 402 me Show response
geoip-js.com/geoip/v2.1/city/ 93 B
367 B 96ms
65ms XHR
application/vnd.maxmind.com-error+json 2606:4700::6812:aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fwww.newseasonsmarket.com

Requested by

Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js?ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8f585f6eb6a9e8760ab07a76ea5e5c4d0b55631ed86d393e345594242e939e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/vnd.maxmind.com-error+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 687dac60986a4e56-FRA
content-length: 93

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 28ms
28ms Script
application/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-713954.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 436029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -GwQ_EVYK-1xT2ztznLLP0GZiTyV4e_644T3X-QGEF3xkP-QfRk8Aw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-24685851-1&cid=1763140592.1630490655&jid=336222676&gjid=1869981829&_gid=1118244157.1630490655&_u=YEBAAAAAAAAAAC~&z=1563450700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 10:04:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame B211 486 B
616 B 34ms
33ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F

Requested by

Host: 5295329.fls.doubleclick.net
URL: https://5295329.fls.doubleclick.net/activityi;dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d2c76c08fce084b0072e5dca3a701cc989082320b725c5f5c5b467bafcf46a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5295329.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5295329.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Sep 2021 10:04:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 112ms
111ms Script
application/javascript 2a02:26f0:6c00:28c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 1d160246-2.16.186.183
accept-ranges: bytes
content-length: 17418
access-control-expose-headers: X-CDN

GET
H3-29 200 1183289702022049 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 49ms
49ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1183289702022049?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5931f83231f201f4e8fb1570ff5f1a60f8061b241f5347dd5a6f91848e30966d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XNRjkv49jM1KDpSJIuwiFbWFab5xItE4TPM3avY9pWHM2PkcKHBkNgeixXxfPPirUFSxa0E9VJ/ATuTAz6MmyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 10:04:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20826659p.rfihub.com/ Frame A0DA 3 KB
4 KB 102ms
27ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826659p.rfihub.com/ca.html?ver=9&rb=42379&ca=20826659&_o=42379&_t=20826659&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=&ra=634130190986208
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7b31974247717ecb13819540c4e3b4cd4dd56d719cf0bab64413bfcd1a0cc9d5

Request headers

Host: 20826659p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newseasonsmarket.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.newseasonsmarket.com/

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmxgYmlgZgokDFah8U-h8V-h8X-h8ScxofJnofEXofFXofE3ofF3ofE_oetnQeXfQuNvYkUzjxvN_Wj8RcKo_EdofADq51TfMAEAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 10:04:14 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2NwASxhbmQnyGuqFVFSVhBpWFqcWu4VK8hmbGBiaWBmamJhaWpgDmdqIoNAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 10:04:14 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2NwASxhbmQnyGuqFVFSVhBpWFqcWu4QBJlrueJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2942
Server: Jetty(9.3.29.v20201019)

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-24685851-1&cid=1763140592.1630490655&jid=336222676&_u=YEBAAAAAAAAAAC~&z=96548207

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-24685851-1&cid=1763140592.1630490655&jid=336222676&_u=YEBAAAAAAAAAAC~&z=96548207

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
1 KB 409ms
100ms Image
image/jpeg 34.197.168.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=832100146504035&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.168.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-168-203.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: f69ef183-0b0b-11ec-b86e-0725a569d5ac
Content-Type: image/jpeg

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
1 KB 408ms
100ms Image
image/jpeg 34.197.168.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=5422680366335773&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.168.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-168-203.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: f69eca26-0b0b-11ec-b3db-d50e441e0dc9
Content-Type: image/jpeg

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 3BA8 2 KB
1 KB 22ms
21ms Document
text/html 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-713954.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newseasonsmarket.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.newseasonsmarket.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: nUXGMV8HhyUlCeyYs2TWjZG2LW3x4c4HYiTihn4v0ClVQSnYm-jULg==
age: 3923264

GET
H2 200 dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame E0F9 194 B
931 B 68ms
44ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIWol4LD3fICFeaCUQodLkIDsQ;src=5295329;type=gen1;cat=viewt0;ord=566926174;gtm=2wg8u0;auiddc=908882889.1630490654;ps=1;~oref=https%3A%2F%2Fwww.newseasonsmarket.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Sep 2021 10:04:14 GMT
expires: Wed, 01 Sep 2021 10:04:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 I2HEGJOMNZHW7IKBWOY3FS Show response
d.adroll.com/consent/check/ 393 B
860 B 109ms
33ms Script
application/javascript 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/I2HEGJOMNZHW7IKBWOY3FS?arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&_s=10ece4e24ce204231340577bfeeb3a06&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 70f86594c1bd498b04f7f52d216c05cf3bf85e5bead965155d1e172fbc02c936

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:14 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 393
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1183289702022049&ev=PageView&dl=https%3A%2F%2Fwww.newseasonsmarket.com%2F&rl=&if=false&ts=1630490654897&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630490654896.731529666&it=1630490654805&coo=false&rqm=GET

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 10:04:14 GMT

GET
H2 200 admin-ajax.php Show response
www.newseasonsmarket.com/wp-admin/ 986 B
1 KB 657ms
656ms XHR
text/html 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newseasonsmarket.com/wp-admin/admin-ajax.php?action=get-homepage-feature&lat=45.512&lng=-122.679

Requested by

Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-23-106.us-west-2.compute.amazonaws.com

Software

nginx / PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1

Resource Hash

e38a5eaf130b485b5fb93d8ae43bb692a838ffdae8874e50bccb6e697801a917

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://newleaf.com/
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666
:path: /wp-admin/admin-ajax.php?action=get-homepage-feature&lat=45.512&lng=-122.679
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.newseasonsmarket.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
server: nginx
x-powered-by: PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1
x-frame-options: SAMEORIGIN ALLOW-FROM https://newleaf.com/
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: AWSALB=h9qPiXDqm/rKNaxv7dpTOqzoLogEeOJsJu3ZMcimzxfMANXhfgMUm8yDiEWkFCkmiQJyev823k1pw/iQu80FOtoUi1vdCfZla31opZAPkMGbMF807etecWax0Sqg; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=h9qPiXDqm/rKNaxv7dpTOqzoLogEeOJsJu3ZMcimzxfMANXhfgMUm8yDiEWkFCkmiQJyev823k1pw/iQu80FOtoUi1vdCfZla31opZAPkMGbMF807etecWax0Sqg; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure PHPSESSID=990bb9a2380f82e758fc671a2a94b930; path=/
x-robots-tag: noindex
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
www.newseasonsmarket.com/wp-admin/ 5 KB
2 KB 709ms
708ms XHR
text/html 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newseasonsmarket.com/wp-admin/admin-ajax.php?action=get-homepage-touts&lat=45.512&lng=-122.679

Requested by

Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-23-106.us-west-2.compute.amazonaws.com

Software

nginx / PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1

Resource Hash

6df1f7dea1fc86c97c013c49cf12203b9488e88e8d62459d5535e716a09adedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://newleaf.com/
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; AWSALB=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; AWSALBCORS=P0VwMTMORmM4FRE2ccktl5kmdEBFOZWfjqL+KxxknHJ3xSLiLfkRjd/B5GTUJPGJoRCQ5TISCH9qyxIznUcAW17xKj7NvbvL7FtXIe9017XHutFOuGmfpoekek9P; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666; geolat=45.512
:path: /wp-admin/admin-ajax.php?action=get-homepage-touts&lat=45.512&lng=-122.679
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.newseasonsmarket.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
server: nginx
x-powered-by: PHP/7.2.24-1+ubuntu18.04.1+deb.sury.org+1
x-frame-options: SAMEORIGIN ALLOW-FROM https://newleaf.com/
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: AWSALB=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/ AWSALBCORS=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; Expires=Wed, 08 Sep 2021 10:04:14 GMT; Path=/; SameSite=None; Secure PHPSESSID=95ca46b1e41a7558effa865a98f149db; path=/
x-robots-tag: noindex
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK / Show response
newseasons.netmng.com/ 4 KB
6 KB 23ms
22ms Script
text/javascript 193.0.160.49
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://newseasons.netmng.com/?aid=5365&siclientid=&cch
Requested by: Host: newseasons.netmng.com
URL: https://newseasons.netmng.com/?aid=5365&siclientid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.49 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 0dd49b1386bf0255c2560867e7193eefcb41f16476631cc5a58b98eac32b49ea

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:14 GMT
Last-Modified: Mon, 30 Aug 2021 10:04:14 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 30 Aug 2021 10:04:14 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 465 B
729 B 153ms
67ms XHR
application/json 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614404030485&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1630490654921
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 792e4dbf8e3acd066dfc77d0d11cb0685c3c094825e0a10f6a14a2896433ec54

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newseasonsmarket.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU1XSmtNbVJpWWpFdE0yRTFaUzAwWkRreExUaGtZVGt0T1RVellqSTJaV0kwWm1KaA
x-pinterest-rid: 5126196516056522
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 343
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
82 B 156ms
72ms Image
image/gif 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614404030485&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1630490654922
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1491034379403448
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
339 B 141ms
71ms Image
image/gif 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614404030485&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1630490654923
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1188810488501686
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame A0DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3NTgxOTYyMjM3MDIyMzM4Nw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOPb9sOxm2eJumVqOuEmUj4&google_cver=1

42 B
1 KB

73ms
21ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOPb9sOxm2eJumVqOuEmUj4&google_cver=1
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOPb9sOxm2eJumVqOuEmUj4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A0DA
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1875819622370223387
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819622370223387

43 B
1 KB

32ms
15ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819622370223387

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 297da5c7-9c68-4688-af58-152a736ef1ef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e09c22f0-16f5-47b5-a1ee-8b6950c78d84
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819622370223387
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame A0DA
Redirect Chain

https://stags.bluekai.com/site/4722?id=1875819622370223387&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

18ms
18ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Wed, 01 Sep 2021 10:04:15 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame A0DA 0
239 B 129ms
31ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1875819622370223387
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A0DA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1875819622370223387&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819622370223387&redir=

42 B
945 B

39ms
39ms

Image
image/gif

52.30.200.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819622370223387&redir=

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.200.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-200-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-046276664.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DhfWSXzsSpU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v015-00e874e8f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9oocg02eQu0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819622370223387&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A0DA
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward=&C=1

43 B
1006 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward=&C=1
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 10:04:15 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819622370223387&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Wed, 01 Sep 2021 10:04:15 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame A0DA 0
445 B 33ms
9ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame A0DA 42 B
416 B 62ms
20ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1875819622370223387
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 10:04:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame A0DA 43 B
191 B 241ms
169ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1875819622370223387

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 10:04:15 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame A0DA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819622370223387&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819622370223387&img=1&__user_check__=1&sync_id=f6800316-0b0b-11ec-8106-14e583300306

43 B
548 B

19ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819622370223387&img=1&__user_check__=1&sync_id=f6800316-0b0b-11ec-8106-14e583300306
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 75
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 01 Sep 2021 10:04:14 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1875819622370223387&img=1&__user_check__=1&sync_id=f6800316-0b0b-11ec-8106-14e583300306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame A0DA 43 B
183 B 289ms
95ms Image
image/gif 2600:1f18:612b:4200:3aa:8894:1069:c551
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1875819622370223387&r=sWPIPY6QeTxi
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:3aa:8894:1069:c551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame A0DA 43 B
238 B 73ms
22ms Image
image/gif 18.158.92.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1875819622370223387
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.92.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A0DA 0
338 B 107ms
32ms Image
text/plain 54.171.152.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1875819622370223387
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.152.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-152-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1630490655
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame A0DA
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819622370223387&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819622370223387&expires=30

43 B
344 B

24ms
24ms

Image
image/gif

3.64.144.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819622370223387&expires=30
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.144.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819622370223387&expires=30
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame A0DA
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1875819622370223387&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=1875819622370223387&bid=omt9pi0

70 B
440 B

76ms
60ms

Image
image/gif

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=1875819622370223387&bid=omt9pi0
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:18 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=1875819622370223387&bid=omt9pi0
Date: Wed, 01 Sep 2021 10:04:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame A0DA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YS9QIAAEIMeuOgBg
https://p.rfihub.com/cm?in=1&pub=21653&userid=YS9QIAAEIMeuOgBg&_test=YS9QIAAEIMeuOgBg

42 B
1 KB

42ms
20ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YS9QIAAEIMeuOgBg&_test=YS9QIAAEIMeuOgBg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:16 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630490656.284052,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YS9QIAAEIMeuOgBg&_test=YS9QIAAEIMeuOgBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame A0DA 46 B
696 B 1153ms
88ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1875819622370223387

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 01 Sep 2021 10:04:16 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Wed, 01 Sep 2021 10:04:16 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame A0DA 0
105 B 321ms
24ms Image
text/plain 3.120.90.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.90.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-90-180.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

pixel
fcmatch.youtube.com/ Frame A0DA
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1875819622370223387&referrer=https%3A%2F%2Fwww.newseasonsmarket.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=e45d8483-6453-4234-9568-a91f5c206b9a%3A1630490656.21&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De45d8483-6453-4234-9568-a91f5c206b9a...
https://idsync.rlcdn.com/501709.gif?partner_uid=e45d8483-6453-4234-9568-a91f5c206b9a%3A1630490656.21
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQWhUSmhhUU1PQXRUQ2xta0piT21BcVJuTllDdzRKSGUtVDNZZzNHcUd6SQ==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AA...
https://fcmatch.google.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVXt...
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVX...

170 B
546 B

69ms
50ms

Image
image/png

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVXtIfve-8Qw

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:16 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:16 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofuMMwUwPT7YijtIWIAhaD6b_u2NIITo55KcrokZmhPJuqua-ZuC62szznvDHOplNHIM5WUgBst_FczOro_aLVNrXzTocHIFgV7dzmX0873f2IZZkzhbEUSmcsq5CsuORbtMRn6yb-wO0HdLHVXtIfve-8Qw
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame A0DA 43 B
109 B 1373ms
143ms Image
image/gif 3.93.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1875819622370223387
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-127-70.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20826659p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:16 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

sync Show response
live.rezync.com/ Frame CB64
Redirect Chain

https://20820827p.rfihub.com/ca.html?ver=9&rb=39985&ca=20820827&_o=39985&_t=20820827&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=&ra=6466610792721297
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=

42 B
509 B

1246ms
172ms

Document
image/gif

13.32.121.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-105.fra60.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newseasonsmarket.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.newseasonsmarket.com/

Response headers

content-type: image/gif
content-length: 42
date: Wed, 01 Sep 2021 10:04:16 GMT
server: lighttpd/1.4.33
set-cookie: sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiTmpFeVpqVTRPR1l0TURNMU55MDBPVGd6TFRrMU4yRXRORGczWW1NelptVTJPV1V3T2pFMk16QTBPVEEyTlRZdU1qST0ifX0.FBDhoA.Ps_R9q0umM_unKJgX_Tii6p3-ZA; Expires=Mon, 28-Feb-2022 10:04:16 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Gfe7BKy0niF2bmIN--S1EcB8j07sl81wp-M0WzrqxSH0lAKMvQBk9Q==

Redirect headers

Date: Wed, 01 Sep 2021 10:04:15 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmxgYmlgZgokDFah8U-h8V-h8X-h8ScxofJnofEXofFXofE3ofF3ofE_oetnQeXfQuNvYkUzjxvN_Wj8RcKo_EdofADq51TfMAEAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 10:04:15 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2NwASxhbmQnyGuqFVFSVhBpWFqcWu4VK8hmbGBiaWBmamJhaWpgDmdqIoNAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 10:04:15 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2NwASxhbmQnyGuqFVFSVhBpWFqcWu4QBJlrueJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=89963278be525df10d09c83dbc6148a2&k=site&ver=9&pe=https%3A%2F%2Fwww.newseasonsmarket.com%2F&pf=
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK cm
p.rfihub.com/ 42 B
990 B 73ms
20ms Image
image/gif 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=40519&in=1&userid=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

502
Bad Gateway

/
gcm.netmng.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=ZHdkaWZ6Y2RjaHg1bw==&vid=dwdifzcdchx5o
https://gcm.netmng.com/?id=&vid=dwdifzcdchx5o&google_gid=CAESELxkHwwmiG9uK4s0y9xpOT0&google_cver=1

0
0

2148ms
17ms

Image
text/html

193.0.160.49
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcm.netmng.com/?id=&vid=dwdifzcdchx5o&google_gid=CAESELxkHwwmiG9uK4s0y9xpOT0&google_cver=1
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.0.160.49 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gcm.netmng.com/?id=&vid=dwdifzcdchx5o&google_gid=CAESELxkHwwmiG9uK4s0y9xpOT0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=640&dpuuid=dwdifzcdchx5o
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=dwdifzcdchx5o

42 B
945 B

35ms
35ms

Image
image/gif

52.30.200.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=dwdifzcdchx5o

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.200.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-200-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-027873a7d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WqKGFhTeTBQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v015-02e259e58.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: U6jw3XUsQl8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=dwdifzcdchx5o
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ 42 B
341 B 79ms
22ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxMTQmdGw9NDMyMDA=&piggybackCookie=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:756
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=72&code=dwdifzcdchx5o
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Ddwdifzcdchx5o

43 B
827 B

19ms
18ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Ddwdifzcdchx5o

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ac9ff3c9-0395-4ed1-b64a-9ed4532c09e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8c109840-a859-4ac9-84fb-966b1d34896f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Ddwdifzcdchx5o
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/mapuid?member=6928&user=dwdifzcdchx5o
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Ddwdifzcdchx5o

43 B
828 B

58ms
34ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Ddwdifzcdchx5o

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5af657e7-cb8f-48bd-8767-5794ecdc1160
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f4218e6-0a62-4842-b17f-959fae4f4396
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Ddwdifzcdchx5o
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK mapuid
secure.adnxs.com/ 43 B
945 B 65ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?member=9373&user=dwdifzcdchx5o

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 90412830-bea1-42e2-b38a-4a86a061873f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
loadm.exelator.com/load/ 0
324 B 3159ms
44ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=330&buid=dwdifzcdchx5o&j=0
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 13209
tags.bluekai.com/site/ 62 B
420 B 171ms
169ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/13209?id=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654
https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654&dnr=1

0
433 B

16ms
16ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654&dnr=1
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:16 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:16 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=15&3pid=dwdifzcdchx5o&cb=1630490654&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55948/
Redirect Chain

https://pixel.advertising.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1
https://pixel.advertising.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&apid=UPf74df5fc-0b0b-11ec-8f0b-06a17173c662

0
1 KB

326ms
26ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&apid=UPf74df5fc-0b0b-11ec-8f0b-06a17173c662

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:16 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55948/sync?uid=dwdifzcdchx5o&_origin=1&apid=UPf74df5fc-0b0b-11ec-8f0b-06a17173c662
date: Wed, 01 Sep 2021 10:04:16 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30

43 B
343 B

24ms
23ms

Image
image/gif

3.64.144.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.144.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=dwdifzcdchx5o&expires=30
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072967&val=dwdifzcdchx5o
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=dwdifzcdchx5o

43 B
61 B

44ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=dwdifzcdchx5o
date: Wed, 01 Sep 2021 10:04:15 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/match?bid=6bmpi0v&uid=dwdifzcdchx5o
https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=dwdifzcdchx5o

70 B
440 B

26ms
26ms

Image
image/gif

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:18 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=6bmpi0v&uid=dwdifzcdchx5o
Date: Wed, 01 Sep 2021 10:04:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
337 B 33ms
32ms Image
text/plain 54.171.152.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=ignitionone&partner_uid=dwdifzcdchx5o
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.152.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-152-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1630490655
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET

/
tradedesk2waycm.netmng.com/cm/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1
https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=22075fe1-47e5-40d2-98e1-f60ea3da4f3d

0
0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3117&partner_device_id=dwdifzcdchx5o
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=dwdifzcdchx5o

95 B
425 B

22ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=dwdifzcdchx5o

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=dwdifzcdchx5o
date: Wed, 01 Sep 2021 10:04:15 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

2XQNIR3ICZFI5PPTEHOKGH.js Show response
s.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/
Redirect Chain

https://d.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&pv=99216...
https://s.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/2XQNIR3ICZFI5PPTEHOKGH.js

14 KB
5 KB

209ms
209ms

Script
text/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/2XQNIR3ICZFI5PPTEHOKGH.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f7bb4ca08c35293429cc85db44f2772cfac7a6938ddcdcdbf36d05c4461b7b3

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: U_BD7zWYNbgN55yBQ8zdQwPsVSvwQ.6e
Content-Encoding: gzip
ETag: "c4a0f0f4aa2537ea2620bce4f3cfd0b8"
x-amz-request-id: KF50J4JS7CWQKD9X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4176
x-amz-id-2: RA9erIHQA6Mx1f8UoC9MIVjQp7Zhe9xBShI2YiJDaiNpKlPYIEmerPsSlO3UrSQ8luskm6f2Z7Y=
Last-Modified: Wed, 14 Jul 2021 10:21:45 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 10:04:15 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *newseasonsmarket.com*
date: Wed, 01 Sep 2021 10:04:14 GMT
x-segment-eid: 2XQNIR3ICZFI5PPTEHOKGH
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ/2XQNIR3ICZFI5PPTEHOKGH.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: newseasonsmarket.com
x-pixel-eid: LA3L6LTENFH25KOVXYYVKJ
x-segment-name: 98fad36c
x-advertisable-eid: I2HEGJOMNZHW7IKBWOY3FS
content-length: 0
x-conversion-currency

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
197 B 1142ms
66ms XHR
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:16 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1081790429728217
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 814782878633507 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/814782878633507?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0bdd50e05a32eab9aae0b7f1d15c24532ba032ed7cfc702e3bba562a69e6764

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6Tn3d+VRpNrZye0cvQv3o81wG8fPTru9TeYDIlQnt1kx81c+VpSrPHCjgWOubVgkOnZ8xxGrLm+TVcdVSdP8Cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 10:04:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LA3L6LTENFH25KOVXYYVKJ
d.adroll.com/onp/I2HEGJOMNZHW7IKBWOY3FS/ 42 B
533 B 34ms
34ms Image
image/gif 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&pv=99216798511.80453&ev=t%3Dtop%26f%3D0
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-advertisable-eid: I2HEGJOMNZHW7IKBWOY3FS
content-length: 42

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expiration=1662026655

43 B
944 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expiration=1662026655
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 10:04:15 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expiration=1662026655
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 139
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expires=365

0
239 B

32ms
31ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expires=365
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&expires=365
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://pixel.advertising.com/ups/55980/sync?uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

1073ms
23ms

Image
text/plain

18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:16 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

0
477 B

376ms
95ms

Image
text/plain

64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:15 GMT
Cache-Control: no-cache
X-TraceId: 8105da5223db1b002c7200fd5028f2c4
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
547 B

302ms
17ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:14 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:383
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

0
221 B

302ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 1295

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://eb2.3lift.com/xuid?mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

24ms
24ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 01 Sep 2021 10:04:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
291 B

7ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://x.bidswitch.net/sync?dsp_id=44&user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

43 B
145 B

36ms
36ms

Image
image/gif

3.64.144.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.144.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-144-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=44&user_id=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://ib.adnxs.com/setuid?entity=172&code=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

43 B
1020 B

53ms
53ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:15 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9381a1ca-0ca0-435a-8801-bd18a83808a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=MmVlYjlhZDFjNmI1YzI1YWUxMWQwMzRhZjQ1OTg1MmI
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 51ms
49ms Image
image/gif 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H3-29

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2eeb9ad1c6b5c25ae11d034af459852b

43 B
61 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=2eeb9ad1c6b5c25ae11d034af459852b
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=2eeb9ad1c6b5c25ae11d034af459852b
pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 87
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973&arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&advertisable=I2HEGJOMNZHW7IKBWOY3FS&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Luua0ca1wlrhHQNK9FmFKw
https://d.adroll.com/cm/g/in

42 B
535 B

33ms
33ms

Image
image/gif

34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 9ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=814782878633507&ev=PageView&dl=https%3A%2F%2Fwww.newseasonsmarket.com%2F&rl=&if=false&ts=1630490655314&cd[segment_eid]=2XQNIR3ICZFI5PPTEHOKGH%2CP7UBNPTUARACVL2TKK5RZ4&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=29&fbp=fb.1.1630490654896.731529666&it=1630490654805&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Sep 2021 10:04:15 GMT

GET
H3-29

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/
https://www.facebook.com/tr/?redirect=0

44 B
88 B

6ms
6ms

Ping
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/?redirect=0

Requested by

Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Sep 2021 10:04:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:15 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?redirect=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H2 200 NSM_web_feature-peaches_9-1-21.jpg
www.newseasonsmarket.com/wp-content/uploads/2021/08/ 319 KB
320 KB 189ms
188ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/2021/08/NSM_web_feature-peaches_9-1-21.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 35d1a925318217cdd04a7eefe6a2a073cb08905668e8942430fef40a645fdfba

Request headers

:path: /wp-content/uploads/2021/08/NSM_web_feature-peaches_9-1-21.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666; geolat=45.512; geolng=-122.679; __adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973; _pin_unauth=dWlkPU1XSmtNbVJpWWpFdE0yRTFaUzAwWkRreExUaGtZVGt0T1RVellqSTJaV0kwWm1KaA; __ar_v4=%7CI2HEGJOMNZHW7IKBWOY3FS%3A20210901%3A1%7CLA3L6LTENFH25KOVXYYVKJ%3A20210901%3A1%7C2XQNIR3ICZFI5PPTEHOKGH%3A20210901%3A1; AWSALB=h9qPiXDqm/rKNaxv7dpTOqzoLogEeOJsJu3ZMcimzxfMANXhfgMUm8yDiEWkFCkmiQJyev823k1pw/iQu80FOtoUi1vdCfZla31opZAPkMGbMF807etecWax0Sqg; AWSALBCORS=h9qPiXDqm/rKNaxv7dpTOqzoLogEeOJsJu3ZMcimzxfMANXhfgMUm8yDiEWkFCkmiQJyev823k1pw/iQu80FOtoUi1vdCfZla31opZAPkMGbMF807etecWax0Sqg; PHPSESSID=990bb9a2380f82e758fc671a2a94b930
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 22:44:31 GMT
server: nginx
etag: W/"612d5f4f-4fc4e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=Mnqb2VsHXjoBlYIvMoblWCgL92AKZB3mdnzurXGb4567Stl5fOyIzfmvb/uk6PPScUp/xs4uGm9RtVhD0sI/5/E/2K1Lf52D6Xt7lhTHmrVsDEyPqmbMVDmfXto3; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/ AWSALBCORS=Mnqb2VsHXjoBlYIvMoblWCgL92AKZB3mdnzurXGb4567Stl5fOyIzfmvb/uk6PPScUp/xs4uGm9RtVhD0sI/5/E/2K1Lf52D6Xt7lhTHmrVsDEyPqmbMVDmfXto3; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:15 GMT

GET
H2 200 dots.svg
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/borders/ 3 KB
909 B 8ms
7ms Image
image/svg+xml 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/img/borders/dots.svg
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c2b332919454dc239f1e74a62be48eee111c8335dece457ebb6dabdab9d7604

Request headers

Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 18:48:35 GMT
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1869340
etag: W/"6108168b-a50"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HCMLMBu3ufOmDJmdvcctWbdDTBAOtTkNF-ONPIj0iqMHNPPynoNrXw==
expires: Thu, 09 Sep 2021 18:48:35 GMT

GET
H2 200 NSM_Foodie.woff
cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/NSMFoodie/ 104 KB
104 KB 9ms
9ms Font
font/woff 2600:9000:2240:9000:f:4d5a:3340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/lib/font/NSMFoodie/NSM_Foodie.woff
Requested by: Host: cdn.newseasonsmarket.com
URL: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:9000:f:4d5a:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 417a317957a3fda1ea058825eddfb46520f71a15c92b0e1b8a48f70504d05dee

Request headers

Origin: https://www.newseasonsmarket.com
Referer: https://cdn.newseasonsmarket.com/wp-content/themes/newseasons/style.css?etag=1&ver=1629860370
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 01:24:38 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 16:00:11 GMT
server: nginx
age: 1845577
etag: "6108168b-19ed8"
x-cache: Hit from cloudfront
content-type: font/woff
access-control-allow-origin: https://www.newseasonsmarket.com
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 106200
x-amz-cf-id: LEdAaVT6pWqg7LHodsTuQKseKhljIA_VL4GC4kK5kGFSH9dPsMaeAw==
expires: Fri, 10 Sep 2021 01:24:38 GMT

GET
H2 200 NSM_web_sub_instacart_9-1-21.jpg
www.newseasonsmarket.com/wp-content/uploads/2021/08/ 79 KB
78 KB 309ms
307ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/2021/08/NSM_web_sub_instacart_9-1-21.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b419b6c9ea89b466db9496de855da113ee212bf421db536e10a3a684c3866363

Request headers

:path: /wp-content/uploads/2021/08/NSM_web_sub_instacart_9-1-21.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666; geolat=45.512; geolng=-122.679; __adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973; _pin_unauth=dWlkPU1XSmtNbVJpWWpFdE0yRTFaUzAwWkRreExUaGtZVGt0T1RVellqSTJaV0kwWm1KaA; __ar_v4=%7CI2HEGJOMNZHW7IKBWOY3FS%3A20210901%3A1%7CLA3L6LTENFH25KOVXYYVKJ%3A20210901%3A1%7C2XQNIR3ICZFI5PPTEHOKGH%3A20210901%3A1; AWSALB=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; AWSALBCORS=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; PHPSESSID=95ca46b1e41a7558effa865a98f149db
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 21:20:08 GMT
server: nginx
etag: W/"61256288-13a31"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=NMoQfM3oi7+xqW0evV8nBhvwLEwnllKL5UWsz23Ftycg9nqUCTdCV7cX+IYgHUqC60eYskfwWtc7RMQt9UEFNioJmpwr6HNmMF+CJDs9FErqSdt7wtkZ9AAUNT7U; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/ AWSALBCORS=NMoQfM3oi7+xqW0evV8nBhvwLEwnllKL5UWsz23Ftycg9nqUCTdCV7cX+IYgHUqC60eYskfwWtc7RMQt9UEFNioJmpwr6HNmMF+CJDs9FErqSdt7wtkZ9AAUNT7U; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:15 GMT

GET
H2 200 NSM_sub_recycling_8-25-21.jpg
www.newseasonsmarket.com/wp-content/uploads/2021/08/ 118 KB
118 KB 309ms
308ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/2021/08/NSM_sub_recycling_8-25-21.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6eee92334e630934d607af21cf949ac6ed5aa1730abc645b06c0178d4ad516ed

Request headers

:path: /wp-content/uploads/2021/08/NSM_sub_recycling_8-25-21.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666; geolat=45.512; geolng=-122.679; __adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973; _pin_unauth=dWlkPU1XSmtNbVJpWWpFdE0yRTFaUzAwWkRreExUaGtZVGt0T1RVellqSTJaV0kwWm1KaA; __ar_v4=%7CI2HEGJOMNZHW7IKBWOY3FS%3A20210901%3A1%7CLA3L6LTENFH25KOVXYYVKJ%3A20210901%3A1%7C2XQNIR3ICZFI5PPTEHOKGH%3A20210901%3A1; AWSALB=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; AWSALBCORS=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; PHPSESSID=95ca46b1e41a7558effa865a98f149db
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 23:05:17 GMT
server: nginx
etag: W/"612429ad-1d877"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=/W9vfMVsYLqzlS5UdaUH5+B4cOUuKCaz3g/asDUS84In7CUKhzrnnbLCOcYEyVXFDHXqeAZaV9ginoSU0qLwrG8nXyDi+i3RLIbCxGhXuwooH87ps4hoyVz7tzxR; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/ AWSALBCORS=/W9vfMVsYLqzlS5UdaUH5+B4cOUuKCaz3g/asDUS84In7CUKhzrnnbLCOcYEyVXFDHXqeAZaV9ginoSU0qLwrG8nXyDi+i3RLIbCxGhXuwooH87ps4hoyVz7tzxR; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:15 GMT

GET
H2 200 NSM-hiring_web-sub_7-7-21.jpg
www.newseasonsmarket.com/wp-content/uploads/2021/06/ 90 KB
90 KB 309ms
308ms Image
image/jpeg 44.240.23.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newseasonsmarket.com/wp-content/uploads/2021/06/NSM-hiring_web-sub_7-7-21.jpg
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.23.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-23-106.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: bda4075f6dfe48702a9e0190444f02842ad451e1042e112fecd0037ff55f5bba

Request headers

:path: /wp-content/uploads/2021/06/NSM-hiring_web-sub_7-7-21.jpg
pragma: no-cache
cookie: sessionid=566926174; _gcl_au=1.1.908882889.1630490654; _ga=GA1.2.1763140592.1630490655; _gid=GA1.2.1118244157.1630490655; _gat_UA-24685851-1=1; _hjid=267df954-4322-4e54-9812-60b7d0617ed8; _hjFirstSeen=1; _fbp=fb.1.1630490654896.731529666; geolat=45.512; geolng=-122.679; __adroll_fpc=3ca567719c50339773cf2142b0195b1a-1630490654973; _pin_unauth=dWlkPU1XSmtNbVJpWWpFdE0yRTFaUzAwWkRreExUaGtZVGt0T1RVellqSTJaV0kwWm1KaA; __ar_v4=%7CI2HEGJOMNZHW7IKBWOY3FS%3A20210901%3A1%7CLA3L6LTENFH25KOVXYYVKJ%3A20210901%3A1%7C2XQNIR3ICZFI5PPTEHOKGH%3A20210901%3A1; AWSALB=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; AWSALBCORS=RNCUQ79k3e0Zv4LvieR8qZKMo4Q376e29eVb1r6u/k6A06YIj20trEXO0f0qJQW7csgPZjbfvd0YwjeHSvnoBcfMPQxFIbgJclqN10rMfcnLfQx+FeXygwNR4qgu; PHPSESSID=95ca46b1e41a7558effa865a98f149db
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newseasonsmarket.com
referer: https://www.newseasonsmarket.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:15 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 23:08:35 GMT
server: nginx
etag: W/"60dba7f3-167e9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000 public
set-cookie: AWSALB=PliYw0XPeO/4pczDh42Fo1In8E8PYaJHILt+NURKpf7fXAxPY2uT8DjgfmeRgCWHctoucyp9Qj93wLGr2MfOlaxktEy2AeKjsUuSr9vO/aYSOIoq6VKeZLVWtvuc; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/ AWSALBCORS=PliYw0XPeO/4pczDh42Fo1In8E8PYaJHILt+NURKpf7fXAxPY2uT8DjgfmeRgCWHctoucyp9Qj93wLGr2MfOlaxktEy2AeKjsUuSr9vO/aYSOIoq6VKeZLVWtvuc; Expires=Wed, 08 Sep 2021 10:04:15 GMT; Path=/; SameSite=None; Secure
expires: Fri, 01 Oct 2021 10:04:15 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 22ms
21ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.newseasonsmarket.com
URL: https://www.newseasonsmarket.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19169-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1630490662.710914,VS0,VE0
date: Wed, 01 Sep 2021 10:04:21 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1690

GET
H2 200 p Show response
i.simpli.fi/ 746 B
2 KB 17ms
17ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=101989&conversion=20&campaign_id=0&m=1&sifi_tuid=59016

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b237a679220213bad6ba090e017133e0985652e09efeeaf303e0a7fc751bc40c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=E139BAD690E84F0C8F5E4B222AB36EBA

43 B
182 B

98ms
94ms

Image
image/gif

2600:1f18:612b:4200:3aa:8894:1069:c551
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:3aa:8894:1069:c551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=E139BAD690E84F0C8F5E4B222AB36EBA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA

95 B
414 B

23ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E139BAD690E84F0C8F5E4B222AB36EBA
date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=E139BAD690E84F0C8F5E4B222AB36EBA
https://um.simpli.fi/aa_px?sk=164950903896000130622

43 B
409 B

15ms
15ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164950903896000130622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 10:04:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164950903896000130622
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 64ms
15ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E139BAD690E84F0C8F5E4B222AB36EBA

0
0

73ms
22ms

Image
text/html

13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E139BAD690E84F0C8F5E4B222AB36EBA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 64ms
16ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 19ms
14ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=E139BAD690E84F0C8F5E4B222AB36EBA;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=E139BAD690E84F0C8F5E4B222AB36EBA;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=6161421057984777275

0
0

23ms
22ms

Image
text/html

13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=6161421057984777275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=6161421057984777275
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0&xl8blockcheck=1

0
755 B

34ms
34ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=E139BAD690E84F0C8F5E4B222AB36EBA&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 19ms
15ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=E139BAD690E84F0C8F5E4B222AB36EBA

0
421 B

410ms
99ms

Image
text/plain

3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-45-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 01 Sep 2021 10:04:21 GMT

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=E139BAD690E84F0C8F5E4B222AB36EBA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=E139BAD690E84F0C8F5E4B222AB36EBA

62 B
745 B

163ms
160ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:21 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 624d
Content-Type: image/gif

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=E139BAD690E84F0C8F5E4B222AB36EBA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2

200

tpid=E139BAD690E84F0C8F5E4B222AB36EBA
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA

49 B
742 B

40ms
40ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.156
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=E139BAD690E84F0C8F5E4B222AB36EBA
cache-control: no-cache
x-server: 10.45.28.162
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA
https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA&dnr=1

0
433 B

21ms
18ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=E139BAD690E84F0C8F5E4B222AB36EBA&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=E139BAD690E84F0C8F5E4B222AB36EBA

0
42 B

23ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=E139BAD690E84F0C8F5E4B222AB36EBA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1630490661707&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
154 B

23ms
23ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JVAvYeLEMKzN7_UPn9-VmA0&cid=CAQSKQCNIrLM-pNUWU-YlADs2GJCuyrFg5Rdgl8ogMQ9d-hIP_Ww8Kic4_y8&random=947878827&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1054249724&cv=7&fst=1630490661707&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JVAvYeLEMKzN7_UPn9-VmA0&cid=CAQSKQCNIrLM-pNUWU-YlADs2GJCuyrFg5Rdgl8ogMQ9d-hIP_Ww8Kic4_y8&random=947878827&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA&__user_check__=1&sync_id=fa9565a9-0b0b-11ec-9d51-191344880206

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA&__user_check__=1&sync_id=fa9565a9-0b0b-11ec-9d51-191344880206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 10:04:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 17
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 01 Sep 2021 10:04:21 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=E139BAD690E84F0C8F5E4B222AB36EBA&__user_check__=1&sync_id=fa9565a9-0b0b-11ec-9d51-191344880206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=E139BAD690E84F0C8F5E4B222AB36EBA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE139BAD690E84F0C8F5E4B222AB36EBA

43 B
1 KB

52ms
52ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE139BAD690E84F0C8F5E4B222AB36EBA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:21 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 872ac86f-7c80-41a4-a32a-19494f292299
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 10:04:21 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 168f0f58-0d74-4864-a3fc-1a831b8b37d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE139BAD690E84F0C8F5E4B222AB36EBA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E139BAD690E84F0C8F5E4B222AB36EBA&expires=365

0
239 B

34ms
32ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E139BAD690E84F0C8F5E4B222AB36EBA&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E139BAD690E84F0C8F5E4B222AB36EBA&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 31 Aug 2021 10:04:21 GMT

GET
H3-29

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA

43 B
61 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=E139BAD690E84F0C8F5E4B222AB36EBA
date: Wed, 01 Sep 2021 10:04:21 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEMhcd3tC4-1kPAuEcZKI_ac&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E139BAD690E84F0C8F5E4B222AB36EBA
https://um.simpli.fi/g_match?id=

0
320 B

15ms
15ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 31 Aug 2021 10:04:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK NRJS-102e95dc2c9c8c3a36a Show response
bam.nr-data.net/1/ 57 B
278 B 440ms
110ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-102e95dc2c9c8c3a36a?a=603050602&v=1210.e2a3f80&to=MgRTZERSCkRQBRBQWQtOcFNCWgtZHhYFXlNICV5dUw%3D%3D&rst=9574&ck=1&ref=https://www.newseasonsmarket.com/&ap=575&be=1793&fe=9540&dc=2548&perf=%7B%22timing%22:%7B%22of%22:1630490652161,%22n%22:0,%22f%22:407,%22dn%22:408,%22dne%22:453,%22c%22:453,%22s%22:466,%22ce%22:820,%22rq%22:820,%22rp%22:1782,%22rpe%22:1789,%22dl%22:1785,%22di%22:2547,%22ds%22:2547,%22de%22:2548,%22dc%22:9540,%22l%22:9540,%22le%22:9545%7D,%22navigation%22:%7B%7D%7D&fp=2482&fcp=2482&at=HkNQEgxIGUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=iso-8859-1

GET
H2 200 LA3L6LTENFH25KOVXYYVKJ
d.adroll.com/onp/I2HEGJOMNZHW7IKBWOY3FS/ 42 B
534 B 33ms
33ms Image
image/gif 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/I2HEGJOMNZHW7IKBWOY3FS/LA3L6LTENFH25KOVXYYVKJ?arrfrr=https%3A%2F%2Fwww.newseasonsmarket.com%2F&xid_ch=f&pv=99216798511.80453&ev=t%3Dtop%26f%3D10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 10:04:25 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-advertisable-eid: I2HEGJOMNZHW7IKBWOY3FS
content-length: 42

POST
H/1.1 200
OK NRJS-102e95dc2c9c8c3a36a Show response
bam.nr-data.net/events/1/ 24 B
191 B 110ms
109ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-102e95dc2c9c8c3a36a?a=603050602&v=1210.e2a3f80&to=MgRTZERSCkRQBRBQWQtOcFNCWgtZHhYFXlNICV5dUw%3D%3D&rst=19582&ck=1&ref=https://www.newseasonsmarket.com/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.newseasonsmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.newseasonsmarket.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secfld.vmmpxl.com
URL: https://secfld.vmmpxl.com/?bkt=72977

Domain: tradedesk2waycm.netmng.com
URL: https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=22075fe1-47e5-40d2-98e1-f60ea3da4f3d

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.newseasonsmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://media-cdn.ipredictive.com/js/cirt_v2.min.js(Line 1) Message: https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=832100146504035&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D
console-api	log	URL: https://media-cdn.ipredictive.com/js/cirt_v2.min.js(Line 1) Message: https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=5422680366335773&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D
console-api	debug	URL: https://media-cdn.ipredictive.com/js/cirt_v2.min.js(Line 1) Message: img loaded url = https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=832100146504035&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D
console-api	debug	URL: https://media-cdn.ipredictive.com/js/cirt_v2.min.js(Line 1) Message: img loaded url = https://ad.ipredictive.com/d/rt/pixel?uuid=fc48e498-a5c0-47f0-8d63-976b399d42e6&rtsite_id=16067&sdk_src=js&ts=1630490655&rr=5422680366335773&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.newseasonsmarket.com%2F&ds=1&xp_pdf=0&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.newseasonsmarket.com%2F%22%2C%22title%22%3A%22New%20Seasons%20Market%20New%20Seasons%20Market%20%7C%20Grocery%20Stores%20in%20the%20Portland%20Metro%20area%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://newleaf.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20820827p.rfihub.com
20826659p.rfihub.com
5295329.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.ipredictive.com
ads.yahoo.com
adservice.google.com
adservice.google.de
aep.mxptint.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
bidagent.xad.com
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.newseasonsmarket.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fcmatch.google.com
fcmatch.youtube.com
fei.pro-market.net
gcm.netmng.com
geoip-js.com
googleads.g.doubleclick.net
hello.myfonts.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jadserve.postrelease.com
js-agent.newrelic.com
js.maxmind.com
live.rezync.com
loadm.exelator.com
media-cdn.ipredictive.com
mpp.mxptint.net
newseasons.netmng.com
newseasonsmarket.com
p.rfihub.com
partners.tremorhub.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
pubads.g.doubleclick.net
r.turn.com
s.adroll.com
s.pinimg.com
script.hotjar.com
secfld.vmmpxl.com
secure.adnxs.com
simage2.pubmatic.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
tags.bluekai.com
tradedesk2waycm.netmng.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mnixpixel.com
www.newseasonsmarket.com
x.bidswitch.net
x.dlx.addthis.com
secfld.vmmpxl.com
tradedesk2waycm.netmng.com
104.111.215.191
13.32.120.62
13.32.121.105
13.32.121.108
141.226.228.48
142.250.185.226
142.250.186.134
151.101.13.27
151.101.14.49
159.253.128.183
162.247.242.18
169.50.137.179
172.217.18.98
172.217.23.98
18.156.0.31
18.158.92.16
18.184.216.10
18.197.99.6
18.209.200.15
18.66.112.109
18.66.112.111
18.66.97.53
185.33.220.241
185.64.189.110
185.64.190.80
185.94.180.125
193.0.160.128
193.0.160.49
199.232.80.84
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
206.81.5.96
216.52.2.39
2600:1901:0:8eee::
2600:1f18:612b:4200:3aa:8894:1069:c551
2600:9000:223c:5c00:1:76cf:fe80:93a1
2600:9000:2240:9000:f:4d5a:3340:93a1
2606:4700::6810:135e
2606:4700::6810:252f
2606:4700::6811:f449
2606:4700::6812:aef
2a00:1288:80:800::7001
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9a
2a02:26f0:6c00:28c::1931
2a02:26f0:6c00::210:bac8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.120.90.180
3.228.45.187
3.64.144.49
3.93.127.70
34.197.168.203
34.253.133.188
34.254.143.3
34.98.64.218
35.227.248.159
35.244.174.68
37.252.172.249
38.67.14.225
38.68.201.139
44.240.23.106
52.209.129.133
52.30.200.197
52.55.91.197
54.171.152.112
64.202.112.95
69.173.144.165
76.223.111.18
0275adb25bfaff83e5f44c38ee268b6d9802dda2622d2346bc04372cea65cdce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d2c76c08fce084b0072e5dca3a701cc989082320b725c5f5c5b467bafcf46a2
0dd49b1386bf0255c2560867e7193eefcb41f16476631cc5a58b98eac32b49ea
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
24730f735f3d08baf555c3179d7b889d54f6314619fee6b534f7727f4e9bde3a
2549f0e0b120c2975616dc642161929bbf3f47ee4a51df0e49af7342e557f070
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
25ea523d2867c1c5a6e150aa0b4df05d77a1a97c5256061dfbfc32d45743be79
2c8f585f6eb6a9e8760ab07a76ea5e5c4d0b55631ed86d393e345594242e939e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
35d1a925318217cdd04a7eefe6a2a073cb08905668e8942430fef40a645fdfba
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3dabf1ddfd0663d2f76e02f60df57575cffbdbee8a1025126055f8908691bd16
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
417a317957a3fda1ea058825eddfb46520f71a15c92b0e1b8a48f70504d05dee
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b44faa96de6df1206b804761538ee09fa32530ad34e694dbf24d1b99f8d46f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51804a9e6fd0c37bee93765d653d2eb975e30cd4a110ad29e43d1853e1d0fd1e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570aae8bc07b32bbaa600bb6f4248b3f2cd3131e82e8baecbdf4ccfb77ebaa7a
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5931f83231f201f4e8fb1570ff5f1a60f8061b241f5347dd5a6f91848e30966d
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5c2b332919454dc239f1e74a62be48eee111c8335dece457ebb6dabdab9d7604
6df1f7dea1fc86c97c013c49cf12203b9488e88e8d62459d5535e716a09adedf
6eee92334e630934d607af21cf949ac6ed5aa1730abc645b06c0178d4ad516ed
6f7bb4ca08c35293429cc85db44f2772cfac7a6938ddcdcdbf36d05c4461b7b3
70f86594c1bd498b04f7f52d216c05cf3bf85e5bead965155d1e172fbc02c936
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
792e4dbf8e3acd066dfc77d0d11cb0685c3c094825e0a10f6a14a2896433ec54
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7b31974247717ecb13819540c4e3b4cd4dd56d719cf0bab64413bfcd1a0cc9d5
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d
9042deecce18d2dab675d21a95831a696327f912a19f3e608689bac5965af78d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
95ec2b27242cfe85a1f63c174c41144ef933473f38efcbce2b24a081e83e6fa2
96f1d145e94ac9465613acda7593d4070f6b50e6ad9a58d8154413a57ea0d935
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
98ae4288a7547837ed8e809fd9f3f65ae608250874aad5dcc09f9e8bdc466219
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ade9e8a4c54d9d3466d219dfbd5941f4f54a175b9da86ccc2cfa000458c619ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237a679220213bad6ba090e017133e0985652e09efeeaf303e0a7fc751bc40c
b38fbe25477dd4b16cab2b521dc82cdfaa018fdf80f8ce6be9c2b62a220aecb0
b419b6c9ea89b466db9496de855da113ee212bf421db536e10a3a684c3866363
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda4075f6dfe48702a9e0190444f02842ad451e1042e112fecd0037ff55f5bba
c02a2fa7cfd620d8e266d1134f16f2b47813d1718f879a8fd56a130f71b6cdb6
c9144a6274f568e7fdb0c4ffdf2d01ee86145f098fd7cec09cbfceb321b8a701
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e38a5eaf130b485b5fb93d8ae43bb692a838ffdae8874e50bccb6e697801a917
e39bce70fe64a7be07b93e4ff13b4f5ccdf59c6f9e0d128d7f5e273f29bba204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4230b9972f82da961aae519e85ccf8699f3a30a111ec835a926dffbe526f0e7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bdd50e05a32eab9aae0b7f1d15c24532ba032ed7cfc702e3bba562a69e6764
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f60e861eb5ab95e8ab6bc24639e268ee0753b6a006689a08b82c42b87586417c
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f76c4ebb4c6b858478fdfcd505ece8050ad64b0bda348e710beb3f2f8b6e87c3
f7d249255cb20736bc87b3399d5a5ae40ff9363f759d759042d04ccca863e47b
fc065b675d4593fb9a2f7265469bd48657017fa9189374ebb6b12fdfeaf4a28b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7eff8dea755b65036efa1df7b8c0e334a0dac4ea16f5ecd1b2ccdf3198db48
fe3cd6e84a6d7193b9640c96ec1aa2c4dbf8211e52f44df5f4dabda72d1d4097
fef8247223ba9416f62689683488147b54ae56fbd8cfbb72327453b7126aabcd

www.newseasonsmarket.com Open in urlscan Pro 44.240.23.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

99 %HTTPS

32 %IPv6

63 Domains

88 Subdomains

72 IPs

7 Countries

2301 kBTransfer

4293 kBSize

0 Cookies

16 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newseasonsmarket.com Open in urlscan Pro
44.240.23.106 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

99 %
HTTPS

32 %
IPv6

63
Domains

88
Subdomains

72
IPs

7
Countries

2301 kB
Transfer

4293 kB
Size

0
Cookies

167 HTTP transactions
0 data transactions