www.gls-us.com Open in urlscan Pro
216.101.115.41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gls-us.com/support/expresspay
Submission: On February 07 via manual (February 7th 2023, 10:44:13 pm UTC) from US — Scanned from US

Summary HTTP 85 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 37 IPs in 1 countries across 36 domains to perform 85 HTTP transactions. The main IP is 216.101.115.41, located in United States and belongs to GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US. The main domain is www.gls-us.com. The Cisco Umbrella rank of the primary domain is 92887.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 8th 2022. Valid for: a year.

This is the only time www.gls-us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	216.101.115.41 216.101.115.41	30443 (GOLDEN-ST...) (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
12	13.110.32.185 13.110.32.185	14340 (SALESFORCE) (SALESFORCE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.83 52.85.61.83	16509 (AMAZON-02) (AMAZON-02)
1	35.238.246.121 35.238.246.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.192.2.80 23.192.2.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1	108.138.128.18 108.138.128.18	16509 (AMAZON-02) (AMAZON-02)
1	199.15.214.243 199.15.214.243	15224 (OMNITURE) (OMNITURE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
2	13.110.62.53 13.110.62.53	14340 (SALESFORCE) (SALESFORCE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
1	130.211.195.250 130.211.195.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21 23	34.171.234.26 34.171.234.26	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:1fbc:eb5:e253:bacb	14618 (AMAZON-AES) (AMAZON-AES)
1 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:21d... 2600:9000:21da:fa00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:251... 2600:9000:2510:a000:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.91 18.164.96.91	16509 (AMAZON-02) (AMAZON-02)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	63.251.28.233 63.251.28.233	26558 (FREEWHEEL) (FREEWHEEL)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1	44.197.12.195 44.197.12.195	14618 (AMAZON-AES) (AMAZON-AES)
1	104.81.136.162 104.81.136.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.21.61.176 52.21.61.176	14618 (AMAZON-AES) (AMAZON-AES)
1 2	63.251.86.49 63.251.86.49	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1 2	192.35.249.137 192.35.249.137	11742 (SPOTX-IAD) (SPOTX-IAD)
1 2	68.67.179.89 68.67.179.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
85	37

27 216.101.115.41 (United States)

ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US)

www.gls-us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.110.32.185 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-iad3.na124-ia2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-83.ewr53.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.238.246.121 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.246.238.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.2.80 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-2-80.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-18.jfk50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.214.243 (United States)

ASN15224 (OMNITURE, US)

841-zvm-252.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.62.53 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg1-c5-iad4.la1-c1-ia4.salesforceliveagent.com

d.la1-c1-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.195.250 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.195.211.130.bc.googleusercontent.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.171.234.26 (Council Bluffs, United States) 21 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:1fbc:eb5:e253:bacb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.117 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:fa00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:a000:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-91.jfk50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.12.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-12-195.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.81.136.162 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-136-162.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.61.176 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-61-176.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (Woodbridge, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.137 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.89 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	gls-us.com www.gls-us.com — Cisco Umbrella Rank: 92887	415 KB
25	simpli.fi 21 redirects tag.simpli.fi — Cisco Umbrella Rank: 4016 i.simpli.fi — Cisco Umbrella Rank: 3359 um.simpli.fi — Cisco Umbrella Rank: 767	14 KB
12	force.com service.force.com — Cisco Umbrella Rank: 3256	42 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	2 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	44 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	64 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2143 pbid.pro-market.net — Cisco Umbrella Rank: 7006	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855	72 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 417	511 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 660	912 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353	892 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 349	831 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 874	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 885	835 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	492 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1446	2 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1246 sync1.intentiq.com — Cisco Umbrella Rank: 3356	1 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 457 d.agkn.com — Cisco Umbrella Rank: 661	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 412	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	729 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	562 B
2	salesforceliveagent.com d.la1-c1-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 13010	5 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3037	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	157 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 308	772 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 167	537 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 718	633 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 496	454 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1582	421 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 629	652 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 872	439 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6016	183 B
1	mktoresp.com 841-zvm-252.mktoresp.com — Cisco Umbrella Rank: 368033	121 B
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 7782	398 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 777	49 KB
85	36

	Domain	Requested by
27	www.gls-us.com	www.gls-us.com
23	um.simpli.fi	21 redirects
12	service.force.com	www.gls-us.com service.force.com
5	cdn.jsdelivr.net	www.gls-us.com
4	cm.g.doubleclick.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	px.ads.linkedin.com	1 redirects
2	idsync.rlcdn.com	2 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	www.google.com	www.gls-us.com
2	d.la1-c1-ia4.salesforceliveagent.com	service.force.com
2	munchkin.marketo.net	www.gls-us.com munchkin.marketo.net
2	www.googletagmanager.com	www.gls-us.com www.googletagmanager.com
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	pippio.com	1 redirects
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	ads.stickyadstv.com
1	image2.pubmatic.com
1	sync1.intentiq.com
1	sync.intentiq.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	stats.g.doubleclick.net	www.google-analytics.com
1	841-zvm-252.mktoresp.com	munchkin.marketo.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	tag.simpli.fi	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	unpkg.com	www.gls-us.com
85	45

This site contains links to these domains. Also see Links.

Domain
myfreight.gls-us.com
optout.aboutads.info

Subject Issuer	Validity	Valid
*.gls-us.com AlphaSSL CA - SHA256 - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.na124.force.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-25` - `2023-04-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
swappy.callrail.com Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
la1-c1-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-09-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.gls-us.com/support/expresspay
Frame ID: A9340BF1785A87D0F4BD247C02529694
Requests: 79 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
Frame ID: 39252C5DDBE390C8D535A93A5EA4D183
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 683897CA2766565934C7BFD7607055F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make an Easy Online Payment - Express Pay - GLS

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

85
Requests

75 %
HTTPS

27 %
IPv6

36
Domains

45
Subdomains

37
IPs

1
Countries

874 kB
Transfer

2478 kB
Size

58
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://myfreight.gls-us.com/XR0000.PGM
Title: LTL

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/?c=2&lang=EN
Title: Do Not Sell My Personal Info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 65

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=7526D80201DB4C199F786406F03D03A9

Request Chain 66

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9

Request Chain 67

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://d.agkn.com/pixel/10751/?che=1675809847649&ip=104.237.193.28&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213350604420013707440 HTTP 302
https://um.simpli.fi/aa_px?sk=213350604420013707440 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 68

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9&ckls=true&ci=RZoMByA8UK&nc=false&trid=660030857

Request Chain 69

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7526D80201DB4C199F786406F03D03A9

Request Chain 70

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7526D80201DB4C199F786406F03D03A9

Request Chain 71

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7526D80201DB4C199F786406F03D03A9;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7526D80201DB4C199F786406F03D03A9;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDcxNzk5NTI3MTYxMjM1NDIzMQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEGeaBi3V0EdEKoN0uHMVhHQ&google_cver=1

Request Chain 72

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0&xl8blockcheck=1

Request Chain 73

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9&verify=true

Request Chain 74

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=7526D80201DB4C199F786406F03D03A9

Request Chain 75

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=7526D80201DB4C199F786406F03D03A9

Request Chain 76

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9

Request Chain 77

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9&dnr=1

Request Chain 78

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=7526D80201DB4C199F786406F03D03A9 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzUyNkQ4MDIwMURCNEMxOTlGNzg2NDA2RjAzRDAzQTkQABoNCLeoi58GEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937&expected_cookie=e0ef91c5-fc2b-4d34-af77-92ff014c6227

Request Chain 79

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1675809847269&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=N9TiY9CMGq6PoPMP44Sj6Ac&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=N9TiY9CMGq6PoPMP44Sj6Ac&cid=CAQSKQDUE5ymw6Ahy3TK4vgFuLuuPMZneKPtuS5YH5dUVRRuPTOE_NF5XoCd&random=728671189

Request Chain 80

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9&__user_check__=1&sync_id=ee665c17-a738-11ed-8a78-160633e80503

Request Chain 81

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=7526D80201DB4C199F786406F03D03A9 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7526D80201DB4C199F786406F03D03A9

Request Chain 82

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7526D80201DB4C199F786406F03D03A9&expires=365

Request Chain 83

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7526D80201DB4C199F786406F03D03A9

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEN6VUUb17EClwC7IJa2AHuo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7526D80201DB4C199F786406F03D03A9 HTTP 302
https://um.simpli.fi/g_match?id=

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request expresspay Show response
www.gls-us.com/support/ 32 KB
9 KB 593ms
88ms Document
text/html 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

db69f5d5af3992f04ae1b7fd9eec30d564ea29a2a6f84f2a9eabe1e39d30999c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 8956
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 22:44:05 GMT
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK theme.css
www.gls-us.com/content/assets/ 171 KB
35 KB 83ms
80ms Stylesheet
text/css 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/content/assets/theme.css?v=112

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

d495ef09283d70625ffd51e08a5006d6d996325a016747b4948d2f8c42078acb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 14 Oct 2022 08:07:23 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d8dfa3fd52c48b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK conversionlogger.js Show response
www.gls-us.com/kentico.resource/abtest/kenticoabtestlogger/en-us/ 343 B
997 B 238ms
84ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/kentico.resource/abtest/kenticoabtestlogger/en-us/conversionlogger.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

2265b24c6c664adb0a0e0b6aa4c48253baa63fea987e99f539b9d2817934540a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Content-Length: 355
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logger.js Show response
www.gls-us.com/kentico.resource/activities/kenticoactivitylogger/ 698 B
1 KB 82ms
81ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=166

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

aae6ffcf2e0f998f22bca9ab8f418b9e390c5f82db00c014c0924f2559dada2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Content-Length: 516
X-XSS-Protection: 1; mode=block

GET
H2 200 vue.global.prod.js Show response
unpkg.com/vue@3.2.37/dist/ 126 KB
49 KB 96ms
40ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.2.37/dist/vue.global.prod.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a9d2d709b6390ec07fb774f94bc9d0119297a15479e7a8d60a82e8ce017de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 21291922
last-modified: Mon, 06 Jun 2022 12:07:24 GMT
fly-request-id: 01G4WF7Z7ADTG5WBTEAS9AK8G8-chi
server: cloudflare
etag: W/"1f6be-wWXxwTplxyUvnIpIJJ8e9+FVhXY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 795fa5efd892294c-ORD

GET
H2 200 index.iife.min.js Show response
cdn.jsdelivr.net/npm/vue-demi@0.13.1/lib/ 1 KB
826 B 97ms
34ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue-demi@0.13.1/lib/index.iife.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fdc0a5877ac4e7ed8be2cb4f6a17115734edd3a79e0820deac538f6c07b84ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 8531088
x-jsd-version: 0.13.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 699
x-served-by: cache-fra-eddf8230052-FRA, cache-chi-klot8100139-CHI
x-jsd-version-type: version
etag: W/"5f6-25nyGAhiRtbEsqwJhvDE2CZtuho"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.iife.min.js Show response
cdn.jsdelivr.net/npm/@vuelidate/core@2.0.0-alpha.41/dist/ 9 KB
3 KB 112ms
50ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@vuelidate/core@2.0.0-alpha.41/dist/index.iife.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2acee832ee1095b57fb94dede0f60a27894a0566727f99cf175e91f82317664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 3000474
x-jsd-version: 2.0.0-alpha.41
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3347
x-served-by: cache-fra-eddf8230061-FRA, cache-chi-klot8100139-CHI
x-jsd-version-type: version
etag: W/"24cd-ahTeLS5nPqBT7789V3Ox6GzzPd4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.iife.min.js Show response
cdn.jsdelivr.net/npm/@vuelidate/validators@2.0.0-alpha.29/dist/ 10 KB
3 KB 111ms
49ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@vuelidate/validators@2.0.0-alpha.29/dist/index.iife.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

818dd3ad17a1f15f770b07fb834f04a61a92352115b8635fbe3f665d1d9a00b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1768837
x-jsd-version: 2.0.0-alpha.29
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3230
x-served-by: cache-fra-eddf8230094-FRA, cache-chi-klot8100139-CHI
x-jsd-version-type: version
etag: W/"27cd-GKt/T8tOci2bjo27oHUXxHN151c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vue-datepicker.iife.min.js Show response
cdn.jsdelivr.net/npm/@vuepic/vue-datepicker@3.2.1/dist/ 136 KB
34 KB 87ms
25ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@vuepic/vue-datepicker@3.2.1/dist/vue-datepicker.iife.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0171cbca873ab73c1ed13e5edf7653c66f5a865d77223ef6f17d8def49a63c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 5928211
x-jsd-version: 3.2.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34304
x-served-by: cache-fra-eddf8230086-FRA, cache-chi-klot8100139-CHI
x-jsd-version-type: version
etag: W/"21efe-uT7YT99wLQpJhI1ms9uvIy6t4EA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.css
cdn.jsdelivr.net/npm/@vuepic/vue-datepicker@3.2.2/dist/ 14 KB
3 KB 112ms
51ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@vuepic/vue-datepicker@3.2.2/dist/main.css

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b10cdab1c4cf58130b46359f4338d5941778e480d3af00cbb2137f4fdc8e880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 3000475
x-jsd-version: 3.2.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2902
x-served-by: cache-fra-eddf8230081-FRA, cache-chi-klot8100139-CHI
x-jsd-version-type: version
etag: W/"39a4-fo79EW8xxMn2785svaMhqshFCko"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK HtmlToPrint.js Show response
www.gls-us.com/Content/assets/components/ 3 KB
2 KB 235ms
85ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/Content/assets/components/HtmlToPrint.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

a58c023bd744ae4d4f45f76f8ba6a814fde216cb56387558d375153efd81ced7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Mon, 11 Jul 2022 09:35:53 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d895099d13e8f1"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 1214
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK AccordionForm.js Show response
www.gls-us.com/Content/assets/components/ 275 B
1015 B 234ms
83ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/Content/assets/components/AccordionForm.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

ff2f0b16e606f77c3d61831e7f0d7664f71e2b903cb4f63ed486469324ab0bd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Mon, 11 Jul 2022 09:35:53 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d895099d13e393"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 280
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK systemPageComponents.min.css
www.gls-us.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/ 7 KB
3 KB 232ms
87ms Stylesheet
text/css 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/systemPageComponents.min.css

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

8862a8cbd94cdd50815caba50c0c55ed05fd3db33fda1d81ad888d7b2d69744c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 06 May 2022 14:10:26 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d86153087ca87f"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 2263
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 173ms
38ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:26:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Age: 1063
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8452
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:26:22 GMT

GET
H/1.1 200
OK logo-primary.svg
www.gls-us.com/content/assets/images/ 1 KB
2 KB 445ms
110ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/logo-primary.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

5a746e2710ff0087708ef0c03d817458c72b4aa667b1080593053fba97604ded

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bfa92"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 1298
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
www.gls-us.com/content/assets/images/ 2 KB
2 KB 334ms
78ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/logo.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

9dba94c32746b5f4d413fa67ba4e33e68c13fc706152e2173508d3c5ce5a2459

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bf8ae"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 1838
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-user-login.svg
www.gls-us.com/content/assets/images/ 954 B
2 KB 397ms
112ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/icon-user-login.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

eedef2483e96671f0f4579e056f0773a037de727e88f8cdca94a48de810e2cf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bfc3a"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 954
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.5.1.js Show response
www.gls-us.com/_content/Kentico.Content.Web.Rcl/Scripts/ 87 KB
40 KB 151ms
151ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/_content/Kentico.Content.Web.Rcl/Scripts/jquery-3.5.1.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Wed, 29 Jun 2022 08:31:57 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d88b92b1aee104"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.unobtrusive-ajax.js Show response
www.gls-us.com/_content/Kentico.Content.Web.Rcl/Scripts/ 3 KB
2 KB 79ms
78ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/_content/Kentico.Content.Web.Rcl/Scripts/jquery.unobtrusive-ajax.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

862332b1f10ae54eab88552241f32ea9419b26be160fc3c1d7b9f50381d40c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Wed, 29 Jun 2022 15:48:52 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d88bcfbb0b40df"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 1444
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK systemFormComponents.min.js Show response
www.gls-us.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/ 58 KB
25 KB 155ms
155ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/_content/Kentico.Content.Web.Rcl/Content/Bundles/Public/systemFormComponents.min.js

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

78f94aee3ab9895d5707a499d1ad149d80f627ce7193975c228f95f1f23c1cd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 06 May 2022 14:10:26 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d86153087c53cd"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 24665
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK theme.js Show response
www.gls-us.com/content/assets/ 300 KB
103 KB 165ms
163ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/content/assets/theme.js?v=112

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

1062b0095ac7774b41526d66e8bb14b9739bd6582db15b9f8b964e6d453d7283

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 14 Oct 2022 08:07:27 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d8dfa3ffb67808"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
81 KB 162ms
72ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a982e2f87a6363e57624a99c35e7f54866bc46343b4e5f15d81c99a2bf7da39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82476
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 22:44:06 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
2 KB 38ms
37ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:34:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding: gzip
Age: 566
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1918
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:34:39 GMT

GET
H/1.1 200
OK icon-close.svg
www.gls-us.com/content/assets/images/ 251 B
930 B 220ms
75ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/icon-close.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

9624e2224866bafdb30dfbdc96f12f9e588654ca440fcd073b4a5dcbd69978e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bff7b"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 251
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Newson-Regular.woff2
www.gls-us.com/content/assets/fonts/ 34 KB
35 KB 229ms
156ms Font
font/woff2 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/content/assets/fonts/Newson-Regular.woff2

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

d69bf0e0bfc2dcae1954dcdd6517531a67dd5fcf4149c12ae1e9c29a87183ce5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/content/assets/theme.css?v=112
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:10 GMT
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d87a8dcfa3eed4"
Content-Type: font/woff2
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 34772
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Newson-Bold.woff2
www.gls-us.com/content/assets/fonts/ 35 KB
36 KB 155ms
79ms Font
font/woff2 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/content/assets/fonts/Newson-Bold.woff2

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

4f248531a79da11f93cba41f57921e2cdbf6df7fecd6e8614a6f548a7e603689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/content/assets/theme.css?v=112
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:10 GMT
Date: Tue, 07 Feb 2023 22:44:05 GMT
ETag: "1d87a8dcfa3e544"
Content-Type: font/woff2
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 35908
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK log Show response
www.gls-us.com/kentico.abtest/pagevisitconversionlogger/ 0
767 B 220ms
76ms XHR
text/plain 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/kentico.abtest/pagevisitconversionlogger/log

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/kentico.resource/abtest/kenticoabtestlogger/en-us/conversionlogger.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/support/expresspay
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:06 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/plain
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK entrySharedApp.js Show response
www.gls-us.com/Content/assets/apps/ 5 KB
3 KB 275ms
77ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/Content/assets/apps/entrySharedApp.js?v=112

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

00247314d77331acf016b56543d739045e6510e8e10dda88e5802745e65b984d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/support/expresspay
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 14 Oct 2022 08:05:21 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d8dfa3b498a281"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK entryContentApp.js Show response
www.gls-us.com/Content/assets/apps/ 350 KB
69 KB 295ms
81ms Script
application/javascript 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/Content/assets/apps/entryContentApp.js?v=112

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

36a686b314face6bedc81c871e4f76b6b31ae4f7cc8d93afb772b623088b373f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/support/expresspay
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Last-Modified: Fri, 13 Jan 2023 18:32:21 GMT
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d9277d5f711ea9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-home.svg
www.gls-us.com/content/assets/images/ 415 B
1 KB 276ms
77ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/icon-home.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

aa5f224e3d31d6f841b186333c96137098958f7e772ac435b2e61a242051d04f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bfe1f"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 415
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-angle-left.svg
www.gls-us.com/content/assets/images/ 267 B
946 B 274ms
75ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/icon-angle-left.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

837f9c741c8b19dacf1a5037dae074c2fd8d8c88db232bc7ad5a88f7e6afe02e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:10 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dcfa3680b"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 267
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Newson-Medium.woff2
www.gls-us.com/content/assets/fonts/ 35 KB
36 KB 273ms
152ms Font
font/woff2 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/content/assets/fonts/Newson-Medium.woff2

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

3c731075a8d23fe3eeb9661a4e24ee57b0f009f3ffa6331b6949f52ef30e93b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/content/assets/theme.css?v=112
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Mon, 06 Jun 2022 19:18:49 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d879da3ff03fec"
Content-Type: font/woff2
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 36204
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
4 KB 38ms
38ms Stylesheet
text/css 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:27:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding: gzip
Age: 989
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4027
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:27:36 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 77ms
38ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:28:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding: gzip
Age: 914
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5913
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:28:52 GMT

GET
H/1.1 200
OK footer-arrow-left.svg
www.gls-us.com/content/assets/images/ 416 B
1 KB 371ms
113ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/footer-arrow-left.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

a521214ee3a62a40f3dc1dad4bc62f85f2c8dcb8d8afd359ac5d046dfeb1ea78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:10 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dcfa368a0"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 416
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK footer-arrow-right.svg
www.gls-us.com/content/assets/images/ 665 B
1 KB 79ms
79ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/footer-arrow-right.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

c78e602158395d7ffef52bba544354cdef27291c4c833ff022afc6d28a3a6e8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:10 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dcfa36b99"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 665
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK log Show response
www.gls-us.com/kentico.activities/kenticoactivitylogger/ 0
875 B 361ms
111ms XHR
text/plain 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gls-us.com/kentico.activities/kenticoactivitylogger/log

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/kentico.resource/activities/kenticoactivitylogger/logger.js?pageIdentifier=166

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gls-us.com/support/expresspay
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: same-origin
Date: Tue, 07 Feb 2023 22:44:06 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/plain
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
X-XSS-Protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 111 KB
44 KB 214ms
65ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-566TD96

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

169810c87bb118af2b493d0a3fc799d03b98094d18d79b2a232dff4f2d911ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44329
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 22:44:06 GMT

GET
H2 200 hotjar-1598552.js Show response
static.hotjar.com/c/ 8 KB
4 KB 234ms
53ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1598552.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

524205f905ae00fcf7627d819ddb22bf2af9e5e1b6e5f840ad341d97406915ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 22:44:06 GMT
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 59
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/e47bfe0a6f7ba6cb3ef8e6d374f7641d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: p6WPSzYkLgB93a8-XSBGt5DDdkkRiefxpXogJr0rUXiTgCJunS8rFw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 184ms
41ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 21:32:20 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4306
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 23:32:20 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/417420702/888e4930382eba2fa518/12/ 32 B
398 B 201ms
61ms Script
text/javascript 52.85.61.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/417420702/888e4930382eba2fa518/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-83.ewr53.r.cloudfront.net
Software: /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-runtime: 0.009512
date: Tue, 07 Feb 2023 22:44:06 GMT
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: VESwKMEAUHmcox__RDJaNYg89RWVo-XXjcp_dlJqIpJ-mg-zVcZEhg==
x-request-id: d5c01f55-4354-46ba-a930-09dc6a4569c6

GET
H2 200 e449e150-9ed6-0139-b38c-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 171ms
32ms Script
application/javascript 35.238.246.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/e449e150-9ed6-0139-b38c-06a60fe5fe77

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.238.246.121 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

121.246.238.35.bc.googleusercontent.com

Software

Resource Hash

010d92d10dfe7b321a5b165da4d0fc141e2dd2947081ac6bbe80c05d26490276

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 07 Feb 2023 22:44:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: F0GsLS2MNwzBvZ4u4n0B
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 212ms
53ms Script
application/x-javascript 23.192.2.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.2.80 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-2-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:44:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 62ms
59ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CVE931NL0S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJF5DMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9740ac62275ca106c31a2ea7ee3725dd1bae4003691009e6c43f352a1ef190e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 22:44:06 GMT

GET
H/1.1 200
OK esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 3925 194 B
1 KB 51ms
41ms Document
text/html 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Tue, 07 Feb 2023 22:44:06 GMT
Expires: Wed, 08 Feb 2023 22:44:06 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-chevron-down.svg
www.gls-us.com/content/assets/images/ 260 B
939 B 77ms
76ms Image
image/svg+xml 216.101.115.41
GOLDEN-STATE-OVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gls-us.com/content/assets/images/icon-chevron-down.svg

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/content/assets/theme.css?v=112

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

216.101.115.41 , United States, ASN30443 (GOLDEN-STATE-OVERNIGHT-DELIVERY-SERVICE-INC, US),

Reverse DNS

Software

Resource Hash

6d90afbec85e4230eee4ab7e93dc87821122dc0b806a7eae027f9bb6510361aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gls-us.com/content/assets/theme.css?v=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 07 Jun 2022 16:44:11 GMT
Date: Tue, 07 Feb 2023 22:44:06 GMT
ETag: "1d87a8dd03bfe84"
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
Accept-Ranges: bytes
Content-Length: 260
X-XSS-Protection: 1; mode=block

POST
H2 204 collect
www.google-analytics.com/g/ 0
144 B 53ms
52ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CVE931NL0S&gtm=45je3260&_p=1586373770&cid=742531083.1675809847&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675809846&sct=1&seg=0&dl=https%3A%2F%2Fwww.gls-us.com%2Fsupport%2Fexpresspay&dt=Make%20an%20Easy%20Online%20Payment%20-%20Express%20Pay%20-%20GLS&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CVE931NL0S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gls-us.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 3925 5 KB
2 KB 38ms
38ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:28:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Age: 924
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2002
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:28:42 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 59ms
59ms Script
application/x-javascript 23.192.2.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.2.80 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-2-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:44:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Thu, 18 May 2023 22:44:06 GMT

GET
H2 200 modules.2fa327feea603eb929af.js Show response
script.hotjar.com/ 260 KB
67 KB 171ms
53ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2fa327feea603eb929af.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1598552.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

5c23a5defeb7ac3d42dd317373b0dc42a7797555981b2dd80ee4a29013417bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 49500
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68048
last-modified: Tue, 07 Feb 2023 08:58:18 GMT
etag: "681cdc7ac90e7eb90a7a6b1feaa2a12d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NRz7QA9CD_vnAZ0-KyGlGigXIy0CsZPwGV6KOlFfQq0PspqhovzeNw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 54ms
54ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1586373770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gls-us.com%2Fsupport%2Fexpresspay&ul=en-us&de=UTF-8&dt=Make%20an%20Easy%20Online%20Payment%20-%20Express%20Pay%20-%20GLS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAAABQAAAAC~&jid=103522628&gjid=950055129&cid=742531083.1675809847&tid=UA-15829371-1&_gid=1385018161.1675809847&_r=1&_slc=1&gtm=45He3260n81PJF5DMF&z=841844995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gls-us.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 3925 2 KB
1 KB 45ms
37ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:26:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding: gzip
Age: 1063
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 882
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:26:23 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 3925 2 KB
1 KB 44ms
37ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:26:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding: gzip
Age: 1063
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:26:23 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 6838 2 KB
1 KB 153ms
41ms Document
text/html 108.138.128.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1598552.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-18.jfk50.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 380040
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-id: w8Fm93Fzt2_1VokBxwEkHWWthHgrVCuI41DeA4BeAAQr6L1iTdOAXQ==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H/1.0 200
OK visitWebPage
841-zvm-252.mktoresp.com/webevents/ 43 B
121 B 366ms
80ms Ping
image/gif 199.15.214.243
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://841-zvm-252.mktoresp.com/webevents/visitWebPage?_mchNc=1675809846798&_mchCn=&_mchId=841-ZVM-252&_mchTk=_mch-gls-us.com-1675809846797-16462&_mchHo=www.gls-us.com&_mchPo=&_mchRu=%2Fsupport%2Fexpresspay&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.15.214.243 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: BigIP /
Resource Hash: cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 43
Server: BigIP

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 150ms
47ms XHR
text/plain 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15829371-1&cid=742531083.1675809847&jid=103522628&gjid=950055129&_gid=1385018161.1675809847&_u=aADAAAAAQAAAAC~&z=1953569429

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 22:44:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gls-us.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 3925 23 KB
6 KB 45ms
44ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

a7e8abd4dcc9719d23079401b24327ee4107da3cd84e9178a8ba24debdf8adf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:28:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 12 Dec 2022 23:24:50 GMT
Content-Encoding: gzip
Age: 913
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5212
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:28:53 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 21 KB
4 KB 209ms
44ms Script
text/javascript 13.110.62.53
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D500000007Qte&EmbeddedServiceConfig.configName=CS_Chat_Cases&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.62.53 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg1-c5-iad4.la1-c1-ia4.salesforceliveagent.com

Software

Resource Hash

8ef01600e610b9b5f946a4dc2cdac2a85f39baf8ca8376a872c449a525c71d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 47ms
46ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:27:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding: gzip
Age: 988
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4540
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:27:38 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://service.force.com/
Origin: https://www.gls-us.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/ 346 B
676 B 155ms
39ms Script
text/javascript 13.110.62.53
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733t000000blJJ]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723t000000XZAH&org_id=00D500000007Qte&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.62.53 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg1-c5-iad4.la1-c1-ia4.salesforceliveagent.com

Software

Resource Hash

d1f730346756d3c3daee271893f6a3030ab49c33f4fe6d18d1ffe790fed27295

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 40ms
39ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:28:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Age: 924
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2469
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:28:42 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 3925 473 B
743 B 37ms
37ms Script
application/x-javascript 13.110.32.185
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.185 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.na124-ia2.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.gls-us.com/support/expresspay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:31:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Age: 742
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Wed, 08 Feb 2023 22:31:44 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 145ms
57ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-15829371-1&cid=742531083.1675809847&jid=103522628&_u=aADAAAAAQAAAAC~&z=638648533

Requested by

Host: www.gls-us.com
URL: https://www.gls-us.com/support/expresspay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 750 B
1 KB 126ms
35ms Script
application/javascript 130.211.195.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=319885&cb=sifi_att_42656._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/e449e150-9ed6-0139-b38c-06a60fe5fe77

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

130.211.195.250 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

250.195.211.130.bc.googleusercontent.com

Software

Resource Hash

e0540336fe7fee67275d314a3ed34d3a76c4347be12701a04c5a87ca7d7c27dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

48ms
48ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 07 Feb 2023 22:44:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=7526D80201DB4C199F786406F03D03A9&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 07 Feb 2023 22:44:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=7526D80201DB4C199F786406F03D03A9

43 B
183 B

236ms
43ms

Image
image/gif

2600:1f18:612b:4280:1fbc:eb5:e253:bacb
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=7526D80201DB4C199F786406F03D03A9
Protocol: H2
Server: 2600:1f18:612b:4280:1fbc:eb5:e253:bacb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 07 Feb 2023 22:44:07 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=7526D80201DB4C199F786406F03D03A9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9

95 B
435 B

51ms
50ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7526D80201DB4C199F786406F03D03A9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7526D80201DB4C199F786406F03D03A9
https://d.agkn.com/pixel/10751/?che=1675809847649&ip=104.237.193.28&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213350604420013707440
https://um.simpli.fi/aa_px?sk=213350604420013707440
https://um.simpli.fi/empty.gif

43 B
361 B

33ms
32ms

Image
image/gif

34.171.234.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.171.234.26 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.234.171.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9&ckls=true&ci=RZoMByA8UK&nc=false&trid=660030857

43 B
637 B

203ms
69ms

Image
image/gif

18.164.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9&ckls=true&ci=RZoMByA8UK&nc=false&trid=660030857
Protocol: H2
Server: 18.164.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-91.jfk50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
via: 1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
x-amz-cf-id: XfEPtZQ2KHAGSfJM4IN3dN1N_0g1oYpZKbcFOd6plNcX0EA1qy_MMA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
via: 1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7526D80201DB4C199F786406F03D03A9&ckls=true&ci=RZoMByA8UK&nc=false&trid=660030857
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
content-length: 43
x-amz-cf-id: DpGLCbJwu6sDwlBsaBC9Zu0xshAYnu8RhoFfXMLm4LbGI1ngGDKPFQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7526D80201DB4C199F786406F03D03A9

42 B
439 B

241ms
41ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7526D80201DB4C199F786406F03D03A9
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 22:44:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7526D80201DB4C199F786406F03D03A9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7526D80201DB4C199F786406F03D03A9

43 B
652 B

412ms
46ms

Image
image/gif

63.251.28.233
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7526D80201DB4C199F786406F03D03A9
Protocol: HTTP/1.1
Server: 63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 22:44:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1675809848062011-134

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7526D80201DB4C199F786406F03D03A9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=7526D80201DB4C199F786406F03D03A9;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=7526D80201DB4C199F786406F03D03A9;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDcxNzk5NTI3MTYxMjM1NDIzMQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEGeaBi3V0EdEKoN0uHMVhHQ&google_cver=1

43 B
397 B

50ms
38ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEGeaBi3V0EdEKoN0uHMVhHQ&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEGeaBi3V0EdEKoN0uHMVhHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0&xl8blockcheck=1

0
767 B

55ms
52ms

Image
text/plain

34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=7526D80201DB4C199F786406F03D03A9&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9&verify=true

0
121 B

48ms
47ms

Image
text/plain

3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9&verify=true

Protocol

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=7526D80201DB4C199F786406F03D03A9&verify=true
date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=7526D80201DB4C199F786406F03D03A9

0
421 B

203ms
45ms

Image
text/plain

44.197.12.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=7526D80201DB4C199F786406F03D03A9
Protocol: HTTP/1.1
Server: 44.197.12.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-12-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 07 Feb 2023 22:44:07 GMT

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=7526D80201DB4C199F786406F03D03A9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=7526D80201DB4C199F786406F03D03A9

62 B
454 B

269ms
117ms

Image
image/gif

104.81.136.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=7526D80201DB4C199F786406F03D03A9
Protocol: H2
Server: 104.81.136.162 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-81-136-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 07 Feb 2023 22:44:07 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=7526D80201DB4C199F786406F03D03A9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H2

200

tpid=7526D80201DB4C199F786406F03D03A9
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9

49 B
545 B

67ms
65ms

Image
image/gif

52.21.61.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9
Protocol: H2
Server: 52.21.61.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-61-176.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.43.104
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7526D80201DB4C199F786406F03D03A9
cache-control: no-cache
x-server: 10.40.45.100
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9
https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9&dnr=1

43 B
679 B

47ms
44ms

Image
image/gif

63.251.86.49
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.49 Woodbridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 22:44:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 22:44:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=7526D80201DB4C199F786406F03D03A9&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=7526D80201DB4C199F786406F03D03A9
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzUyNkQ4MDIwMURCNEMxOTlGNzg2NDA2RjAzRDAzQTkQABoNCLeoi58GEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937&expected_cookie=e0ef91c5-fc2b-4d34-af77-92ff014c6227

0
143 B

60ms
59ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937&expected_cookie=e0ef91c5-fc2b-4d34-af77-92ff014c6227
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DE4F9B19988A4046A651227DFD6CD429 Ref B: CHGEDGE1905 Ref C: 2023-02-07T22:44:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0I+K1S64QgXZHz2PElQ==

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2242F7EEDA044CEEAC1C5B9B880CE654 Ref B: CHGEDGE1905 Ref C: 2023-02-07T22:44:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=e3ac4fa80a1047e398f88df87204f831aa2a3b189a43f822dc2b4a60b237e35c791426b5417dce21&rand=03168937&expected_cookie=e0ef91c5-fc2b-4d34-af77-92ff014c6227
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0I+K0Kdt5Op/hslcRiA==

GET
H2

200

/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1675809847269&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
154 B

66ms
65ms

Image
image/gif

2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=N9TiY9CMGq6PoPMP44Sj6Ac&cid=CAQSKQDUE5ymw6Ahy3TK4vgFuLuuPMZneKPtuS5YH5dUVRRuPTOE_NF5XoCd&random=728671189

Protocol

Server

2607:f8b0:4006:80c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=285692686&cv=7&fst=1675809847269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=N9TiY9CMGq6PoPMP44Sj6Ac&cid=CAQSKQDUE5ymw6Ahy3TK4vgFuLuuPMZneKPtuS5YH5dUVRRuPTOE_NF5XoCd&random=728671189
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9&__user_check__=1&sync_id=ee665c17-a738-11ed-8a78-160633e80503

43 B
419 B

50ms
47ms

Image
image/gif

192.35.249.137
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9&__user_check__=1&sync_id=ee665c17-a738-11ed-8a78-160633e80503
Protocol: H2
Server: 192.35.249.137 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 358
content-length: 43

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: /partner?adv_id=7797&uid=7526D80201DB4C199F786406F03D03A9&__user_check__=1&sync_id=ee665c17-a738-11ed-8a78-160633e80503
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 359
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=7526D80201DB4C199F786406F03D03A9
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7526D80201DB4C199F786406F03D03A9

43 B
1 KB

44ms
43ms

Image
image/gif

68.67.179.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7526D80201DB4C199F786406F03D03A9

Protocol

HTTP/1.1

Server

68.67.179.89 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 22:44:07 GMT
AN-X-Request-Uuid: 3155f737-ad2f-4815-97fa-f53113e057c7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 22:44:07 GMT
AN-X-Request-Uuid: 906c9953-8a1f-4437-af2c-854181f975ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7526D80201DB4C199F786406F03D03A9
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7526D80201DB4C199F786406F03D03A9&expires=365

42 B
772 B

231ms
46ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7526D80201DB4C199F786406F03D03A9&expires=365
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7526D80201DB4C199F786406F03D03A9&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 06 Feb 2023 22:44:07 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7526D80201DB4C199F786406F03D03A9
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7526D80201DB4C199F786406F03D03A9

43 B
180 B

41ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7526D80201DB4C199F786406F03D03A9
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7526D80201DB4C199F786406F03D03A9
date: Tue, 07 Feb 2023 22:44:07 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEN6VUUb17EClwC7IJa2AHuo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7526D80201DB4C199F786406F03D03A9
https://um.simpli.fi/g_match?id=

0
320 B

32ms
31ms

Image
text/plain

34.171.234.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.171.234.26 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.234.171.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:44:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 06 Feb 2023 22:44:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:44:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gls-us.com/	1970-01-20 11:39:45	Name: _gcl_au Value: 1.1.498793523.1675809846
www.gls-us.com/	1970-01-20 09:30:11	Name: CMSLandingPageLoaded Value: true
.simpli.fi/	1970-01-20 18:17:12	Name: suid Value: 7526D80201DB4C199F786406F03D03A9
.force.com/	1970-01-20 18:15:45	Name: BrowserId_sec Value: 7aTv0ac4Ee2ny13pVt2DHQ
.gls-us.com/	1970-01-20 19:06:09	Name: _ga_CVE931NL0S Value: GS1.1.1675809846.1.0.1675809846.0.0.0
.gls-us.com/	1970-01-20 19:06:09	Name: _ga Value: GA1.2.742531083.1675809847
.gls-us.com/	1970-01-20 09:31:36	Name: _gid Value: GA1.2.1385018161.1675809847
.gls-us.com/	1970-01-20 09:30:09	Name: _gat_UA-15829371-1 Value: 1
.gls-us.com/	1970-01-20 19:06:09	Name: _mkto_trk Value: id:841-ZVM-252&token:_mch-gls-us.com-1675809846797-16462
.gls-us.com/	1970-01-20 18:15:45	Name: _hjSessionUser_1598552 Value: eyJpZCI6IjZjZjg3MmJiLTk4Y2EtNTYzMC1iZDBlLWRmZmUxOTllZmViYSIsImNyZWF0ZWQiOjE2NzU4MDk4NDY5ODYsImV4aXN0aW5nIjpmYWxzZX0=
.gls-us.com/	1970-01-20 09:30:11	Name: _hjFirstSeen Value: 1
www.gls-us.com/	1970-01-20 09:30:09	Name: _hjIncludedInSessionSample Value: 0
.gls-us.com/	1970-01-20 09:30:11	Name: _hjSession_1598552 Value: eyJpZCI6IjBmZGExYjM3LTcyZWQtNDNhZC1iNjE1LWY0NTQzOGUzYzgxNyIsImNyZWF0ZWQiOjE2NzU4MDk4NDcwMjAsImluU2FtcGxlIjpmYWxzZX0=
.gls-us.com/	1970-01-20 09:30:11	Name: _hjAbsoluteSessionInProgress Value: 0
.simpli.fi/	1970-01-20 09:40:14	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-20 10:56:33	Name: TapAd_TS Value: 1675809847632
.tapad.com/	1970-01-20 10:56:33	Name: TapAd_DID Value: 127d2a09-b290-4aab-aad5-0056b5cf1b7b
.3lift.com/	1970-01-20 11:39:45	Name: tluid Value: 2622267620549120675797
.pubmatic.com/	1970-01-20 10:13:21	Name: KRTBCOOKIE_148 Value: 19421-uid:7526D80201DB4C199F786406F03D03A9
.pubmatic.com/	1970-01-20 10:13:21	Name: PugT Value: 1675809847
.agkn.com/	1970-01-20 18:15:45	Name: ab Value: 0001%3AB%2F1U6YyQVO0nQeftpVCGTwEwpPL8trOn
.intentiq.com/	1970-01-20 19:06:09	Name: IQver Value: 1.9
.intentiq.com/	1970-01-20 19:06:09	Name: intentIQ Value: RZoMByA8UK
.tapad.com/	1970-01-20 10:56:33	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-20 19:06:09	Name: IDE Value: AHWqTUnQzuDZv9Ko0gVCvypEDSnCF9lxmfEWDf1TGHtyh7SC3TMcZ13jve2zfkAM
.rlcdn.com/	1970-01-20 18:15:45	Name: rlas3 Value: SSTj13sni1pVPAok+YdZr5K4qd92LA8qRK6Npa8Xrgk=
.rlcdn.com/	1970-01-20 10:56:33	Name: pxrc Value: CLeoi58GEgUI6AcQABIFCOhHEAA=
.openx.net/	1970-01-20 18:15:45	Name: i Value: f09cbc02-6766-4b90-8a6d-b195428f1fed\|1675809847
.pro-market.net/	1970-01-20 10:13:21	Name: anHistory Value: "zuf9qq8py6k7+2+!#7%.!J#))o"
.lijit.com/	1970-01-20 18:15:45	Name: ljt_reader Value: GHn0hQZH8y4v4LsxTGyLJg9y
.spotxchange.com/	1970-01-20 10:10:29	Name: audience Value: ee665bac-a738-11ed-8a78-160633e80503
.yahoo.com/	1970-01-20 18:16:07	Name: A3 Value: d=AQABBDfU4mMCECRIcWEJMljU3egLgvAc37YFEgEBAQEl5GPsYwAAAAAA_eMAAA&S=AQAAAgFIhYYskXnab4FVPaaPImo
.exelator.com/	1970-01-20 12:22:57	Name: EE Value: "1b04ba071b48f04ef8639d19da3f6e58"
.lijit.com/	1970-01-20 18:15:45	Name: _ljtrtb_2 Value: 7526D80201DB4C199F786406F03D03A9
.agkn.com/	1970-01-20 18:15:45	Name: u Value: C\|0AAAAAAAAK3WQtwAAAAAA
.analytics.yahoo.com/	1970-01-20 18:15:45	Name: IDSYNC Value: 176k~29va
.bfmio.com/	1970-01-20 18:15:45	Name: __141_cid Value: 7526D80201DB4C199F786406F03D03A9
.bfmio.com/	1970-01-20 18:15:45	Name: __io_cid Value: 006bdbd755a80645a2689228253a4726cb576a59
.adnxs.com/	1970-01-20 11:39:45	Name: uuid2 Value: 4915659321437048791
.intentiq.com/	1970-01-20 19:06:09	Name: intentIQCDate Value: 1675809847872
.exelator.com/	1970-01-20 12:22:57	Name: ud Value: "eJxrXxzq6XKLQcEwycAkKdHA3DDJxCLNwCQ1zcLM2DLF0DIl0TjNLNXUYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAckl%252BUWb6otDgxUUpaQyLSopPBR8WZwMAobspmQ%253D%253D"
.adnxs.com/	1970-01-20 11:39:45	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In@dV.dV!]tbPl1N!7OnM$=BXI8fRZ[Ccw]A@eUC)Si-lDjlvv>Vcx)Ak^y^^i<JFPQ]P>Z(j#iP(Md+>)fy*?XK3Ij
.rubiconproject.com/	1970-01-20 18:15:45	Name: khaos Value: LDUTWY99-4-IONB
.rubiconproject.com/	1970-01-20 18:15:45	Name: audit Value: 1\|aXQKNUWiQ+mWbSBJIE8Q4IdGcAFtm9AFq36sJebC9bLr1JKW4ws3nqlWBEU6kdmV2nrkzd1XxjeM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+TYd76/JLocH/4V0KVDPuOZpM1oMQq0LltcrmmUmVcfbmOoyld2dg1SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.pro-market.net/	1970-01-20 13:49:21	Name: anProfile Value: "zuf9qq8py6k7+1+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000100010000000000000006+s2=(rpqf5j)+vm=24-7526D80201DB4C199F786406F03D03A9:53-CAESEGeaBi3V0EdEKoN0uHMVhHQ"
.pippio.com/	1970-01-20 18:15:45	Name: did Value: GL_V1ZnYJ6A0TJ6c
.pippio.com/	1970-01-20 18:15:45	Name: didts Value: 1675809847
.pippio.com/	1970-01-20 10:56:33	Name: nnls Value:
.pippio.com/	1970-01-20 10:56:33	Name: pxrc Value: CLeoi58GEgYIgr0rEAA=
.bluekai.com/	1970-01-20 13:50:48	Name: bku Value: blx99e4DTZwReo/j
.bluekai.com/	1970-01-20 13:50:48	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEzN1MjWme901eaWxMHe1EA8HMzTBMxyBARy16xy16W89y9Avy+7
.crwdcntrl.net/	1970-01-20 15:58:55	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 15:58:55	Name: _cc_id Value: fd14b6da9da7f983913401894bea63dd
.ads.stickyadstv.com/	1970-01-20 10:13:21	Name: UID Value: 3a14baf869e0c940e724941f2d278
.ads.stickyadstv.com/	1970-01-20 09:31:36	Name: uid-bp-26865 Value: 7526D80201DB4C199F786406F03D03A9
.linkedin.com/	1970-01-20 11:39:45	Name: li_sugr Value: e0ef91c5-fc2b-4d34-af77-92ff014c6227
.linkedin.com/	1970-01-20 18:15:45	Name: bcookie Value: "v=2&eb9048ab-c56d-4aa9-8f68-fd7932817b91"
.linkedin.com/	1970-01-20 09:31:36	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2991:u=1:x=1:i=1675809848:t=1675896248:v=2:sig=AQFYw78vXBVOfCtz7YIzX0wT_wkDi1fy"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src ; font-src data:; frame-src ; img-src data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

841-zvm-252.mktoresp.com
aa.agkn.com
ads.stickyadstv.com
bcp.crwdcntrl.net
cdn.callrail.com
cdn.jsdelivr.net
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
d.la1-c1-ia4.salesforceliveagent.com
eb2.3lift.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
loadm.exelator.com
munchkin.marketo.net
pbid.pro-market.net
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
script.hotjar.com
service.force.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
sync1.intentiq.com
tag.simpli.fi
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.gls-us.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.81.136.162
107.178.246.49
107.178.254.65
108.138.106.49
108.138.128.18
13.110.32.185
13.110.62.53
13.225.214.117
130.211.195.250
142.250.176.194
142.251.40.194
18.164.96.87
18.164.96.91
192.35.249.137
199.15.214.243
216.101.115.41
23.192.2.80
2600:1901:0:8eee::
2600:1f18:612b:4280:1fbc:eb5:e253:bacb
2600:9000:21da:fa00:19:fc2c:a140:93a1
2600:9000:2510:a000:1b:6b7d:2300:93a1
2606:4700::6810:7baf
2607:f8b0:4004:c17::9d
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2004
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::200e
2620:1ec:21::14
2a04:4e42:400::485
3.218.90.66
34.171.234.26
34.229.3.43
35.190.60.146
35.238.246.121
35.244.159.8
44.197.12.195
52.21.61.176
52.223.22.214
52.85.61.83
63.251.28.233
63.251.86.49
68.67.179.89
8.28.7.83
8.43.72.98
00247314d77331acf016b56543d739045e6510e8e10dda88e5802745e65b984d
010d92d10dfe7b321a5b165da4d0fc141e2dd2947081ac6bbe80c05d26490276
0171cbca873ab73c1ed13e5edf7653c66f5a865d77223ef6f17d8def49a63c3d
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
1062b0095ac7774b41526d66e8bb14b9739bd6582db15b9f8b964e6d453d7283
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
169810c87bb118af2b493d0a3fc799d03b98094d18d79b2a232dff4f2d911ad8
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
2265b24c6c664adb0a0e0b6aa4c48253baa63fea987e99f539b9d2817934540a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
36a686b314face6bedc81c871e4f76b6b31ae4f7cc8d93afb772b623088b373f
3c731075a8d23fe3eeb9661a4e24ee57b0f009f3ffa6331b6949f52ef30e93b8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f248531a79da11f93cba41f57921e2cdbf6df7fecd6e8614a6f548a7e603689
524205f905ae00fcf7627d819ddb22bf2af9e5e1b6e5f840ad341d97406915ac
56a9d2d709b6390ec07fb774f94bc9d0119297a15479e7a8d60a82e8ce017de0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a746e2710ff0087708ef0c03d817458c72b4aa667b1080593053fba97604ded
5c23a5defeb7ac3d42dd317373b0dc42a7797555981b2dd80ee4a29013417bc4
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6d90afbec85e4230eee4ab7e93dc87821122dc0b806a7eae027f9bb6510361aa
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
78f94aee3ab9895d5707a499d1ad149d80f627ce7193975c228f95f1f23c1cd2
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7fdc0a5877ac4e7ed8be2cb4f6a17115734edd3a79e0820deac538f6c07b84ce
818dd3ad17a1f15f770b07fb834f04a61a92352115b8635fbe3f665d1d9a00b6
837f9c741c8b19dacf1a5037dae074c2fd8d8c88db232bc7ad5a88f7e6afe02e
862332b1f10ae54eab88552241f32ea9419b26be160fc3c1d7b9f50381d40c1f
8862a8cbd94cdd50815caba50c0c55ed05fd3db33fda1d81ad888d7b2d69744c
8b10cdab1c4cf58130b46359f4338d5941778e480d3af00cbb2137f4fdc8e880
8ef01600e610b9b5f946a4dc2cdac2a85f39baf8ca8376a872c449a525c71d03
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
9624e2224866bafdb30dfbdc96f12f9e588654ca440fcd073b4a5dcbd69978e9
9740ac62275ca106c31a2ea7ee3725dd1bae4003691009e6c43f352a1ef190e5
9dba94c32746b5f4d413fa67ba4e33e68c13fc706152e2173508d3c5ce5a2459
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a521214ee3a62a40f3dc1dad4bc62f85f2c8dcb8d8afd359ac5d046dfeb1ea78
a58c023bd744ae4d4f45f76f8ba6a814fde216cb56387558d375153efd81ced7
a7e8abd4dcc9719d23079401b24327ee4107da3cd84e9178a8ba24debdf8adf8
a982e2f87a6363e57624a99c35e7f54866bc46343b4e5f15d81c99a2bf7da39e
aa5f224e3d31d6f841b186333c96137098958f7e772ac435b2e61a242051d04f
aae6ffcf2e0f998f22bca9ab8f418b9e390c5f82db00c014c0924f2559dada2b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2acee832ee1095b57fb94dede0f60a27894a0566727f99cf175e91f82317664
c78e602158395d7ffef52bba544354cdef27291c4c833ff022afc6d28a3a6e8d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d1f730346756d3c3daee271893f6a3030ab49c33f4fe6d18d1ffe790fed27295
d495ef09283d70625ffd51e08a5006d6d996325a016747b4948d2f8c42078acb
d69bf0e0bfc2dcae1954dcdd6517531a67dd5fcf4149c12ae1e9c29a87183ce5
db69f5d5af3992f04ae1b7fd9eec30d564ea29a2a6f84f2a9eabe1e39d30999c
e0540336fe7fee67275d314a3ed34d3a76c4347be12701a04c5a87ca7d7c27dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
eedef2483e96671f0f4579e056f0773a037de727e88f8cdca94a48de810e2cf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
ff2f0b16e606f77c3d61831e7f0d7664f71e2b903cb4f63ed486469324ab0bd2

www.gls-us.com Open in urlscan Pro 216.101.115.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

75 %HTTPS

27 %IPv6

36 Domains

45 Subdomains

37 IPs

1 Countries

874 kBTransfer

2478 kBSize

58 Cookies

2 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gls-us.com Open in urlscan Pro
216.101.115.41 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

75 %
HTTPS

27 %
IPv6

36
Domains

45
Subdomains

37
IPs

1
Countries

874 kB
Transfer

2478 kB
Size

58
Cookies

85 HTTP transactions
1 data transactions