payment.unitednaturals.com Open in urlscan Pro
76.76.21.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.unitednaturals.com/
Submission: On February 26 via automatic, source certstream-suspicious (February 26th 2023, 9:51:40 am UTC) — Scanned from DE

Summary HTTP 148 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 48 domains to perform 148 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is payment.unitednaturals.com.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time payment.unitednaturals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	13.32.121.4 13.32.121.4	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.9 52.222.236.9	16509 (AMAZON-02) (AMAZON-02)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20e... 2600:9000:20eb:9a00:1d:e8c0:cf40:21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.18 18.66.97.18	16509 (AMAZON-02) (AMAZON-02)
1	52.0.64.183 52.0.64.183	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.231.233.97 54.231.233.97	16509 (AMAZON-02) (AMAZON-02)
25	13.224.189.113 13.224.189.113	16509 (AMAZON-02) (AMAZON-02)
3	52.203.83.237 52.203.83.237	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	3.74.185.105 3.74.185.105	16509 (AMAZON-02) (AMAZON-02)
1 1	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.198.123.15 18.198.123.15	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.248.76.150 3.248.76.150	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	52.59.64.86 52.59.64.86	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.59.191.188 52.59.191.188	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:851e:f269:97b5:da7b	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	104.96.129.75 104.96.129.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.250.114.170 34.250.114.170	16509 (AMAZON-02) (AMAZON-02)
1	52.31.4.222 52.31.4.222	16509 (AMAZON-02) (AMAZON-02)
1	3.135.167.46 3.135.167.46	16509 (AMAZON-02) (AMAZON-02)
148	57

22 76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)

payment.unitednaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-4.fra60.r.cloudfront.net

events.unitednaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-9.fra56.r.cloudfront.net

static.unitednaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9a00:1d:e8c0:cf40:21 (United States)

ASN16509 (AMAZON-02, US)

d378si5bqq748t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-18.fra56.r.cloudfront.net

api.unitednaturals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.64.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-64-183.compute-1.amazonaws.com

tools-api.veyl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.233.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

upbio.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.224.189.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-113.fra2.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.83.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-83-237.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o453484.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.74.185.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-185-105.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.123.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-123-15.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.76.150 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-76-150.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.64.86 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-64-86.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.191.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-191-188.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:851e:f269:97b5:da7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.129.75 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-129-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.114.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-114-170.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.4.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-4-222.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.135.167.46 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-167-46.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	unitednaturals.com payment.unitednaturals.com events.unitednaturals.com static.unitednaturals.com — Cisco Umbrella Rank: 420248 api.unitednaturals.com	600 KB
25	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 35749	713 KB
13	bing.com bat.bing.com — Cisco Umbrella Rank: 357	49 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719 sslwidget.criteo.com — Cisco Umbrella Rank: 1776 widget.us.criteo.com — Cisco Umbrella Rank: 17226 dis.criteo.com — Cisco Umbrella Rank: 686	14 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	4 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6149	861 B
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	865 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	346 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	40 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377	4 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4542	53 KB
3	verygood.systems vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 76909	475 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 663	855 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1347	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	509 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	879 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	137 KB
2	gstatic.com fonts.gstatic.com	55 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1746	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585	339 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2212	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4455	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28098	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2372	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 668	585 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 733	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1370	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2540	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 404	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 745	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1244	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 338	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1888	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1236	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 563	980 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	14 KB
1	sentry.io o453484.ingest.sentry.io	324 B
1	amazonaws.com upbio.s3.amazonaws.com	19 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4041	22 KB
1	veyl.com tools-api.veyl.com	2 KB
1	cloudfront.net d378si5bqq748t.cloudfront.net	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	856 B
148	48

	Domain	Requested by
25	js.verygoodvault.com	payment.unitednaturals.com js.verygoodvault.com
22	payment.unitednaturals.com	payment.unitednaturals.com
13	bat.bing.com	payment.unitednaturals.com bat.bing.com
6	www.google.de	payment.unitednaturals.com
6	www.google.com	1 redirects payment.unitednaturals.com
6	www.googletagmanager.com	payment.unitednaturals.com static.unitednaturals.com
6	events.unitednaturals.com	payment.unitednaturals.com
5	gum.criteo.com	4 redirects static.criteo.net
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com payment.unitednaturals.com www.google-analytics.com
4	dev.visualwebsiteoptimizer.com	payment.unitednaturals.com dev.visualwebsiteoptimizer.com
3	vgs-collect-keeper.apps.verygood.systems	payment.unitednaturals.com js.verygoodvault.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.facebook.com	payment.unitednaturals.com
2	connect.facebook.net	payment.unitednaturals.com connect.facebook.net
2	stats.g.doubleclick.net	payment.unitednaturals.com www.google-analytics.com
2	api.unitednaturals.com	payment.unitednaturals.com
2	fonts.gstatic.com	fonts.googleapis.com payment.unitednaturals.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.criteo.net	static.unitednaturals.com
1	o453484.ingest.sentry.io	payment.unitednaturals.com
1	upbio.s3.amazonaws.com
1	browser.sentry-cdn.com	www.googletagmanager.com
1	tools-api.veyl.com	payment.unitednaturals.com
1	d378si5bqq748t.cloudfront.net	payment.unitednaturals.com
1	static.unitednaturals.com	payment.unitednaturals.com
1	fonts.googleapis.com	payment.unitednaturals.com
148	59

This site contains links to these domains. Also see Links.

Domain
www.unitednaturals.com

Subject Issuer	Validity	Valid
payment.unitednaturals.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
unitednaturals.com Amazon	`2022-08-04` - `2023-09-02`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
veyl.com Amazon RSA 2048 M01	`2023-02-21` - `2023-12-21`	10 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.verygoodvault.com Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
vgs-collect-keeper.apps.verygood.systems R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-05`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh

This page contains 19 frames:

Primary Page: https://payment.unitednaturals.com/
Frame ID: 9577506D994EC58820F769F12DAEED35
Requests: 49 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Frame ID: 71577BD192FCF6B1B2314D5519E241F2
Requests: 3 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Frame ID: 7FC2F1062D98C6DCA3184A0F93034F25
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Frame ID: 81657CEE0656B9E296E6C310F5F9E34A
Requests: 2 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Frame ID: 556EA048070CE022A5826678286C086B
Requests: 2 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Frame ID: 118534DDF23ACC7280338B8736210F3C
Requests: 2 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 93AF2B11BC19EF687EA86ABA638C1FAA
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-404335994
Frame ID: 0B2326BD4A92AEAA39908E7808E579A7
Requests: 6 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: DA107230F8E6D65587E6BFCC5AA30C61
Requests: 4 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/ld.js
Frame ID: 9C569F3A8496604508D60CCEC1DD9C27
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-157688124-1
Frame ID: 310ED2A4DE27DA1F2A88B6837E4029E5
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-654994687
Frame ID: 6E4C23FBCD96711B094A871B49C16843
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 4745F204ED2A6D5B475C55550ABB27B7
Requests: 3 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 815C5E9386B5EC6CBF8709EC0FA434BE
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-404335994
Frame ID: F0060E532DE05FF97EF9A94A00FB02B8
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 527CB6EEE76643D4C64B43F912D35803
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-W76M3KXVGN
Frame ID: 70364C1EDF15981FE614FA79C462B026
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=payment.unitednaturals.com&origin=onetag
Frame ID: 7F0F25F603A77F9241D3F6B97F268BF3
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30
Frame ID: 37875A35061BB113ED0DFEF4656D67BC
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Shopping Cart - United Naturals

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

148
Requests

91 %
HTTPS

29 %
IPv6

48
Domains

59
Subdomains

57
IPs

10
Countries

2091 kB
Transfer

6658 kB
Size

55
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unitednaturals.com/pages/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unitednaturals.com/pages/terms-of-service
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=pyv7Y9TWJKeuzAbUsKyAAg&sscte=1&crd=&pscrd=EkxDaEFJZ0tQc253WVF0ZlduOFppTjYtVTFFaVVBdkFyRjlINXhTa2ZSd3R3alk4bmRZbVl4T0owRkdDNFdkQTRvN2lmVDJwNjVMeHIzGldDaEFJZ0tQc253WVFqNmU5eVpTbzhLcHRFaTBBblZNZWNobS1SMl8tWm1ZNk9QQ2pZR2pHdERRNGNFQXNpVTJWcFp2dlZTU3RPRnN1Tk00NGpWbVo4NlU HTTP 302
https://www.google.com/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tQc253WVF0ZlduOFppTjYtVTFFaVVBdkFyRjlINXhTa2ZSd3R3alk4bmRZbVl4T0owRkdDNFdkQTRvN2lmVDJwNjVMeHIzGldDaEFJZ0tQc253WVFqNmU5eVpTbzhLcHRFaTBBblZNZWNobS1SMl8tWm1ZNk9QQ2pZR2pHdERRNGNFQXNpVTJWcFp2dlZTU3RPRnN1Tk00NGpWbVo4NlU&is_vtc=1&ocp_id=pyv7Y9TWJKeuzAbUsKyAAg&cid=CAQSKQDUE5ymLuzMLJDrscmmajFtHza1Wo_9BpJiFx1a1WVrLGq8QlXspYHg&random=1129992180 HTTP 302
https://www.google.de/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tQc253WVF0ZlduOFppTjYtVTFFaVVBdkFyRjlINXhTa2ZSd3R3alk4bmRZbVl4T0owRkdDNFdkQTRvN2lmVDJwNjVMeHIzGldDaEFJZ0tQc253WVFqNmU5eVpTbzhLcHRFaTBBblZNZWNobS1SMl8tWm1ZNk9QQ2pZR2pHdERRNGNFQXNpVTJWcFp2dlZTU3RPRnN1Tk00NGpWbVo4NlU&is_vtc=1&ocp_id=pyv7Y9TWJKeuzAbUsKyAAg&cid=CAQSKQDUE5ymLuzMLJDrscmmajFtHza1Wo_9BpJiFx1a1WVrLGq8QlXspYHg&random=1129992180&ipr=y&prhg=0

Request Chain 95

https://gum.criteo.com/sid/json?origin=onetag&domain=unitednaturals.com&sn=ChromeSyncframe&so=0&topUrl=payment.unitednaturals.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=O8Kkd3x0MC9vSVQ4VlM3UXpaeStRdFVUUjkzN0tFKzREWm44MGVxWnVITG4xTTlVcEJWZ1ZQUHRwZDZRUGptMG03Wkx2KzNPanlFWk5DRzFrSDlOeEpzSGl5YUNpMkNLWG5oVkRoOTdaT3duRCtYdHUvVmNmekwzb1k4dmh4Vk55ck4vQzJxTnl2MmE2cXpBU053NzBZcUEwZWw0VTROMDMwMHowRUhHaHliMmJOT2dvZko0UlFNSFdqSjBWdTJhVFJ6SnRHZUc2aldMQ1lvaEk1VW5QVVRZcmhDd0RoMXIrajJVdmtoc3JRbGpMOUZta2dOMkhzWHJEWkE5MElqT3k1MUQ3UnJ2Zkx2aWFJSXdCNlZJYjNLZ29UZz09fA&cppv=2

Request Chain 102

https://sslwidget.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFaWEQ3QTI1blZPVEJ1QTRkN3dlbHJNTERGMk9sbkxTU2VnMUtCUXJBSkdLaUlkaiUyQkRoUWh5OG5HV3F6SmhvanVZeGdUbCUyRmNUaWpIUEFjeTh5eFZIa0ZzbTB0WSUyQmhzWGtwYTh3ZVl6dXVVVWRWR1VXSzElMkJlZE5aUjVFZGRpOWI2YmJpRTYwcGFrdFFqSElLNjdza0ZvJTJGNUk4V1dyQSUyQlklM0Q&tld=unitednaturals.com&fu=https%253A%252F%252Fpayment.unitednaturals.com%252F&dtycbr=8307 HTTP 302
https://widget.us.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFaWEQ3QTI1blZPVEJ1QTRkN3dlbHJNTERGMk9sbkxTU2VnMUtCUXJBSkdLaUlkaiUyQkRoUWh5OG5HV3F6SmhvanVZeGdUbCUyRmNUaWpIUEFjeTh5eFZIa0ZzbTB0WSUyQmhzWGtwYTh3ZVl6dXVVVWRWR1VXSzElMkJlZE5aUjVFZGRpOWI2YmJpRTYwcGFrdFFqSElLNjdza0ZvJTJGNUk4V1dyQSUyQlklM0Q&tld=unitednaturals.com&fu=https%253A%252F%252Fpayment.unitednaturals.com%252F&dtycbr=8307

Request Chain 118

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_cm&google_hm=ay1SUFhqRGNCTDBZVDZlTm45WnZPZnVkUFJrWl9wUGlKbVJ0Rk1OUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_gid=CAESEKEC3551IuIIHGDxtTys8LI&google_cver=1&google_ula=913071,0

Request Chain 120

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1212369525395259813

Request Chain 128

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ&verify=true

Request Chain 131

https://secure.adnxs.com/setuid?entity=52&code=k-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ&seg=130915 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ%26seg%3D130915

Request Chain 132

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q&C=1

Request Chain 133

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb

Request Chain 135

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg

Request Chain 144

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WNGIpA67hvoZbEhdDTwdKDAb1vcih33m

Request Chain 145

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tQq8cAuELsFRtai2VTsnFRlIMeg0P5Gy

148 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payment.unitednaturals.com/ 20 KB
6 KB 155ms
127ms Document
text/html 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

c4c70177fb66e2dc7c8b045d5fc783b410d478ed57d3f5c0a9607ad371630c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 26 Feb 2023 09:51:33 GMT
etag: W/"50dd-o6LUTxr0TpWu2Cd2DPMXqUrsDf0"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::fwsst-1677405093483-2f446adfb609

GET
H2 200 d1fdf99fa88d61b648ce.css
payment.unitednaturals.com/_next/static/css/ 5 KB
2 KB 17ms
16ms Stylesheet
text/css 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/css/d1fdf99fa88d61b648ce.css

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

73d0ab973d91badb4a5614c064410c6d7bf8ac6b7afb9e537623b7c276c2a26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::g64d2-1677405093616-0668d26c2010
age: 1596050
x-matched-path: /_next/static/css/d1fdf99fa88d61b648ce.css
etag: W/"fd065aee90974886279130408f8c6deb"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="d1fdf99fa88d61b648ce.css"

GET
H2 200 webpack-cc041712a17fe78653c7.js Show response
payment.unitednaturals.com/_next/static/chunks/ 4 KB
2 KB 13ms
13ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/webpack-cc041712a17fe78653c7.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0065c9b502f75f9fef9e258f4753ef85686a3de3a1ea0c8ae1391a1519bdbf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::fwsst-1677405093616-fd31b4795b96
age: 1625250
x-matched-path: /_next/static/chunks/webpack-cc041712a17fe78653c7.js
etag: W/"31413c54d1cb26adc9e0eb5ed265568f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-cc041712a17fe78653c7.js"

GET
H2 200 framework-4a1163a0a5280f9fa575.js Show response
payment.unitednaturals.com/_next/static/chunks/ 128 KB
43 KB 28ms
25ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/framework-4a1163a0a5280f9fa575.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a5638758ebafa6b913fc2584a945ea6fd3230da946f3fecbd409d70ed144e93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::fwsst-1677405093643-25e5ca1aa734
age: 1625250
x-matched-path: /_next/static/chunks/framework-4a1163a0a5280f9fa575.js
etag: W/"800b3de8245bfa2c2872f50f62a4e27a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-4a1163a0a5280f9fa575.js"

GET
H2 200 main-8748fe1a2e449bff5888.js Show response
payment.unitednaturals.com/_next/static/chunks/ 61 KB
21 KB 29ms
25ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/main-8748fe1a2e449bff5888.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cb4cfd056bb1880ed1a18dd01cca8a7917bb0e9d61acd5075ff61c66232adf0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::svkmn-1677405093643-1cc76f15774f
age: 1625250
x-matched-path: /_next/static/chunks/main-8748fe1a2e449bff5888.js
etag: W/"751270358ce5dd1554874aff2c7bfc76"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-8748fe1a2e449bff5888.js"

GET
H2 200 _app-742db82b32bc5bd70b2f.js Show response
payment.unitednaturals.com/_next/static/chunks/pages/ 2 MB
407 KB 58ms
54ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

658faa7ad4cd09a7640fb7a16b692b4534ea5df3139b5ac38181f6e650255d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::p4zj5-1677405093645-00a2577ead32
age: 1625234
x-matched-path: /_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js
etag: W/"9869447b06e5753cce07cdd4e5fe389c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-742db82b32bc5bd70b2f.js"

GET
H2 200 926-3e366c518decadcef80d.js Show response
payment.unitednaturals.com/_next/static/chunks/ 28 KB
10 KB 31ms
27ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/926-3e366c518decadcef80d.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b785f69480d3a6a5b26726b2fae085affca37d0e222a5e58e47eed34210f53be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::8lg82-1677405093645-4a57c296460d
age: 1625250
x-matched-path: /_next/static/chunks/926-3e366c518decadcef80d.js
etag: W/"a97c455328fd0c7ea4fb498a476e2ccd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="926-3e366c518decadcef80d.js"

GET
H2 200 782-33a54801c7ae8d8602d9.js Show response
payment.unitednaturals.com/_next/static/chunks/ 5 KB
2 KB 36ms
32ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/782-33a54801c7ae8d8602d9.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

87d083e40e96085fe9ca903e6115531e26872a73fe430ed7fa1ecd872958a97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::99kbf-1677405093645-e3c5c9acd39d
age: 1625250
x-matched-path: /_next/static/chunks/782-33a54801c7ae8d8602d9.js
etag: W/"f68c2950283b1e10a3e9bba0055de8d8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="782-33a54801c7ae8d8602d9.js"

GET
H2 200 611-b500fe6879a2753243d8.js Show response
payment.unitednaturals.com/_next/static/chunks/ 23 KB
7 KB 43ms
40ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/611-b500fe6879a2753243d8.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7c464df24df8b56fa2398b903fc1e87fcdd0e55d5c3ebae7ff171031b9208a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::54pj4-1677405093647-1d0d22a3da04
age: 1625234
x-matched-path: /_next/static/chunks/611-b500fe6879a2753243d8.js
etag: W/"5b59b288b9d8dddc562ea01e14cd1b00"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="611-b500fe6879a2753243d8.js"

GET
H2 200 896-6958eb9c2d64739725e3.js Show response
payment.unitednaturals.com/_next/static/chunks/ 10 KB
4 KB 45ms
42ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/896-6958eb9c2d64739725e3.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5408d7ba9bf988c4c32a6de9f5f25f5f3946a412d9f39031a706aa6ae8ea2449

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::k7q8f-1677405093650-3f02152faff6
age: 1625234
x-matched-path: /_next/static/chunks/896-6958eb9c2d64739725e3.js
etag: W/"5c9271905319374b5e29d5919d2cd333"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="896-6958eb9c2d64739725e3.js"

GET
H2 200 index-3091e86d12b87fdff58d.js Show response
payment.unitednaturals.com/_next/static/chunks/pages/ 43 KB
13 KB 44ms
41ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/pages/index-3091e86d12b87fdff58d.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1fe72b632606dfea100be1d6f33d03f25be24b753df7d0beec17f29b7aa53c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::srrw8-1677405093647-cecf5b6f6b45
age: 1625250
x-matched-path: /_next/static/chunks/pages/index-3091e86d12b87fdff58d.js
etag: W/"26fd6bab160ea041b4450cde22014978"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-3091e86d12b87fdff58d.js"

GET
H2 200 _buildManifest.js Show response
payment.unitednaturals.com/_next/static/cgh6Rk0Kg8w8ugpqnf9XB/ 2 KB
891 B 42ms
39ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/cgh6Rk0Kg8w8ugpqnf9XB/_buildManifest.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3f60b5126056c40dd3f9ca4b1353bc8e2389e378822ea9f19b532aaeca23d7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::bcw47-1677405093648-a6f5abba4450
age: 1596050
x-matched-path: /_next/static/cgh6Rk0Kg8w8ugpqnf9XB/_buildManifest.js
etag: W/"4d7df642194bc464b6a8bf752679945d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
payment.unitednaturals.com/_next/static/cgh6Rk0Kg8w8ugpqnf9XB/ 77 B
329 B 46ms
43ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/cgh6Rk0Kg8w8ugpqnf9XB/_ssgManifest.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::n7gpp-1677405093650-c0a4fb142a53
age: 1625250
x-matched-path: /_next/static/cgh6Rk0Kg8w8ugpqnf9XB/_ssgManifest.js
etag: "b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 77

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
856 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Muli:wght@400;700&display=swap

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f737184a532228d93b19ad2e026aeb229f4770e933ab129e28c6c25307c78d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 09:51:33 GMT

GET
H2 200 logo.svg
payment.unitednaturals.com/assets/sites/un/ 9 KB
3 KB 166ms
164ms Image
image/svg+xml 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.unitednaturals.com/assets/sites/un/logo.svg

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a750825f4193e8135744e23c2c4afc85db8c29b852c09097655fd552a973619a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::8l8ss-1677405093737-8c501c63d68a
age: 1039823
x-matched-path: /assets/sites/un/logo.svg
etag: W/"308b9c071cf7c7e63e79310235a592c2"
x-vercel-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logo.svg"

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payment.unitednaturals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:56:08 GMT
x-content-type-options: nosniff
age: 262525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:56:08 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ 24 KB
24 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/css/d1fdf99fa88d61b648ce.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.unitednaturals.com/
Origin: https://payment.unitednaturals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:04:21 GMT
x-content-type-options: nosniff
age: 290832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24884
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:49:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:04:21 GMT

OPTIONS
H2 204 record
events.unitednaturals.com/public/ Frame 0
0 518ms
295ms Preflight 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.unitednaturals.com/public/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-4.fra60.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payment.unitednaturals.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 26 Feb 2023 09:51:34 GMT
vary: Access-Control-Request-Headers
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-apigw-id: A8PCCGBIIAMFkSw=
x-amz-cf-id: 4dGsqtxvK49zi9y2XuBcKWSPJUio7HMaDpzDE723XCM-7tGWtt-OTw==
x-amz-cf-pop: FRA60-P1
x-amzn-remapped-content-length: 0
x-amzn-requestid: 0ccba0d6-8f80-4fa5-aa9d-97fd5ae76567
x-amzn-trace-id: Root=1-63fb2ba6-46650211246c9cf30ceac67c;Sampled=0
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 bundle.min.js Show response
static.unitednaturals.com/tagmanager/ 31 KB
31 KB 663ms
403ms Script
application/javascript 52.222.236.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.unitednaturals.com/tagmanager/bundle.min.js
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1133de1a1f3848aa953f5dc44dbc58801e5888d87557ca5090e5510527eeef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Jun 2021 19:38:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "38a0057b96be65447a4d09028cc48cce"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 31529
x-amz-cf-id: SSETaOa4wLb0El20LuYlwNkqlAARGo94m0gpF8GBA1sJb5Zd9JpD5A==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 74ms
21ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=519819&u=https%3A%2F%2Fpayment.unitednaturals.com%2F&f=1&r=0.29907883291877213
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: db7359118c0fb1b79a832df20b45e61ca13327f2500bfb677ff7814b1bb1471f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1677223471"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 prop65.js Show response
d378si5bqq748t.cloudfront.net/ 24 KB
9 KB 58ms
23ms Script
application/javascript 2600:9000:20eb:9a00:1d:e8c0:cf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d378si5bqq748t.cloudfront.net/prop65.js
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9a00:1d:e8c0:cf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2de22b87d1d1db91b238dafa7d4d296d26b8af9c0dc04e7f18bbc3ca8cc4454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 07:04:04 GMT
content-encoding: gzip
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Fri, 13 Aug 2021 02:33:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 2861250
etag: W/"01fecbd408cedabb816f77a894d9332d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MqxX6cQwpcwkWt2hzf5Kv3FHjL-G2gs5_EI-uLLQkKw41zbT19yu2A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
46 KB 49ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NS86CHK

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdd3b5cdd1792b376bda3ff4ebfa4be17f4a0d9ffaea1fe34acdf2b081cc5671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47140
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Feb 2023 09:51:33 GMT

POST
H2 200 record Show response
events.unitednaturals.com/public/ 52 B
668 B 534ms
533ms XHR
application/json 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.unitednaturals.com/public/record

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-4.fra60.r.cloudfront.net

Software

Resource Hash

e70e40710e1f59cc5b8b8f67afba3bd1161b51d4e699a66713fde85f6b59ed9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 52
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 99d1baa7-8abd-4aea-976a-2a385c1130f8
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-apigw-id: A8PCFF9rIAMFZ1Q=
content-length: 52
x-xss-protection: 1; mode=block
etag: W/"34-bO7IkFHLFcDqTvuRdNnalUXJUCM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-63fb2ba6-4f4054527f7f815c452bf1be;Sampled=0
x-amz-cf-id: Hwp7cg1g6qLicTKMrzsGs2a1f3ycQ6plhCrckbEDBomm62i4jlf5hw==

GET
H2 200 / Show response
api.unitednaturals.com/public/products/ 11 KB
4 KB 889ms
799ms XHR
application/json 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unitednaturals.com/public/products/?country_code=US&coupon=&id=zOQ2ZQDlg
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: /
Resource Hash: d735ec1c58132cdeb07505c4237bba455794fb5e9384740b5bcde3b815986c96

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
content-encoding: gzip
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: a7723157-9488-44bb-876c-0509f5fbde75
etag: W/"2b80-0pwO12bwl5ic/35S72TSrsgLqxk"
vary: Accept-Encoding
x-amzn-trace-id: Root=1-63fb2ba6-7e23745619363a5b24e8727f;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-funny: haughty hippopotamus 1.4.1
x-amz-apigw-id: A8PCBFgnoAMFv6Q=
content-length: 4017
x-amz-cf-id: M8U2mMiQrobBY6ekSgitdqqOgHPnX9Js0kEyqmm49Jr2YTCUG5utFw==

GET
H2 200 currency-convert Show response
tools-api.veyl.com/ 3 KB
2 KB 539ms
125ms XHR
application/json 52.0.64.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tools-api.veyl.com/currency-convert

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.64.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-64-183.compute-1.amazonaws.com

Software

Resource Hash

959e14671a55387cc39ef236c66109391faed412503aa9731fa1f455b5e651ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-requestid: cff9125b-3466-4866-b83d-9eba6f489ad0
x-dns-prefetch-control: off
x-amz-apigw-id: A8PCCFq0oAMF8RQ=
content-length: 1735
x-xss-protection: 1; mode=block
etag: W/"c3f-DixFrolwhvREZZ2lZf5dhfDFzt4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-63fb2ba6-49e273273186688e0570e6c5;Sampled=0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 97ms
24ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS86CHK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 09:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2355
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 26 Feb 2023 11:12:19 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.5.3/ 70 KB
22 KB 28ms
8ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.5.3/bundle.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS86CHK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fe5f8d4505ce040cc22d858aa7636262168e3449787dd05f75ea7050ff8ce06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 21 Jan 2019 13:03:48 GMT
server: Fastly
age: 12454379
etag: "28e5dd38e927f10c1ce94d84470a83b3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22423
expires: Thu, 05 Oct 2023 06:18:35 GMT

GET
H3 200 tag-da6c39e713a39821a0c4553df2493592.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 174 KB
49 KB 36ms
25ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-da6c39e713a39821a0c4553df2493592.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=519819&u=https%3A%2F%2Fpayment.unitednaturals.com%2F&f=1&r=0.29907883291877213
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d1fd072e783699bfba0822512b7011c6b18d924969d4de3e4051a804f4dbce51

Request headers

Referer: https://payment.unitednaturals.com/
Origin: https://payment.unitednaturals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 24 Feb 2023 07:24:10 GMT
server: gfra1
etag: "63f8661a-c2b3"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49843

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 108ms
107ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=519819&d=payment.unitednaturals.com&u=DE7FAD0F91B6A3B2ECECFB4E9AD7330B1&h=a8785af8e90a396ada863dfb661d7635&t=false&r=0.9368255878623646

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 21ms
20ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=519819&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-da6c39e713a39821a0c4553df2493592.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 3e7985636ec6979eddc7e02f1a06a2ec67b5c51d02fec37c29a3946cbd004452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:33 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1677223471"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 49ms
48ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1507432543&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.unitednaturals.com%2F&ul=en-us&de=UTF-8&dt=Secure%20Shopping%20Cart%20-%20United%20Naturals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1070319079&gjid=1841096471&cid=1981593592.1677405094&tid=UA-133916996-1&_gid=533244735.1677405094&_r=1&_slc=1&gtm=45He32m0n81NS86CHK&z=1760231794

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.unitednaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-133916996-1&cid=1981593592.1677405094&jid=1070319079&gjid=1841096471&_gid=533244735.1677405094&_u=YEBAAAAAAAAAAC~&z=499461023

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.unitednaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 121ms
58ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-133916996-1&cid=1981593592.1677405094&jid=1070319079&_u=YEBAAAAAAAAAAC~&z=179746038

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 61ms
34ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-133916996-1&cid=1981593592.1677405094&jid=1070319079&_u=YEBAAAAAAAAAAC~&z=179746038

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tags
events.unitednaturals.com/public/ Frame 0
0 294ms
294ms Preflight 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.unitednaturals.com/public/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-4.fra60.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payment.unitednaturals.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 26 Feb 2023 09:51:34 GMT
vary: Access-Control-Request-Headers
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-apigw-id: A8PCGH4SIAMFaxA=
x-amz-cf-id: 8JdLZGH-qLHR1eMcMqrP-jQRPcc9F_H_9RBcogsepg_FMyLbisHMDw==
x-amz-cf-pop: FRA60-P1
x-amzn-remapped-content-length: 0
x-amzn-requestid: 18088e37-4585-4dc3-859c-3be47751f276
x-amzn-trace-id: Root=1-63fb2ba6-7ab2edf3517a45410c3f1fab;Sampled=0
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 tags Show response
events.unitednaturals.com/public/ 4 KB
2 KB 553ms
553ms Fetch
application/json 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.unitednaturals.com/public/tags

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-4.fra60.r.cloudfront.net

Software

Resource Hash

dcb31a0100f3b1281a4cc6f83f700a2177360fbd5d6f15339d7031c3d937bb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 12ddeb9e-dcc5-4e39-b117-c43dde40769b
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-apigw-id: A8PCJHfDoAMFXeQ=
content-length: 1191
x-xss-protection: 1; mode=block
etag: W/"10a0-/rufCr+MJaG1elTX1b5CdMU8Pv4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-63fb2ba7-4f705f31165823d93eb9c7b4;Sampled=0
x-amz-cf-id: SwlkQD6VhcMLIzgYU1HSTOGLKHTjYLsnMTXN2OL7__dzCmINGZr8Ag==

POST
H2 200 tags Show response
events.unitednaturals.com/public/ 2 KB
2 KB 539ms
537ms Fetch
application/json 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.unitednaturals.com/public/tags

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-4.fra60.r.cloudfront.net

Software

Resource Hash

5f3cb838ad6b6f1c4ca4336432280db9c5900b521ac8dcf4d52b6364a3fb4a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: ba1f9d56-7051-4d9a-81ed-fd93c1a83a9d
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-apigw-id: A8PCKE32oAMFSdg=
content-length: 1018
x-xss-protection: 1; mode=block
etag: W/"7ae-LiaXcgH/7zj74qXzBGu0g63dGZI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-63fb2ba7-1db04e531393858f37c7e78d;Sampled=0
x-amz-cf-id: _WW8fyCX7Spz-GfxOQRq5bLvoE5PD2yElRMUavWxoeuPEJHD4DOVgg==

OPTIONS
H2 204 tags
events.unitednaturals.com/public/ Frame 0
0 300ms
300ms Preflight 13.32.121.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.unitednaturals.com/public/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-4.fra60.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payment.unitednaturals.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 26 Feb 2023 09:51:34 GMT
vary: Access-Control-Request-Headers
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-apigw-id: A8PCGG25oAMFjpQ=
x-amz-cf-id: VYcRmKADxiJuVDd1ifzIkpuF4tkVst4TeE28MBqSsrPMoXwNlXYn9Q==
x-amz-cf-pop: FRA60-P1
x-amzn-remapped-content-length: 0
x-amzn-requestid: d6cce364-0632-494b-9aeb-db6e026cd34a
x-amzn-trace-id: Root=1-63fb2ba6-43d6ceda1ed8822574394b11;Sampled=0
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 204-f21f9e03b07c9e67af33.js Show response
payment.unitednaturals.com/_next/static/chunks/ 23 KB
9 KB 21ms
20ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/204-f21f9e03b07c9e67af33.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/webpack-cc041712a17fe78653c7.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8aee292865c8b62eb733ad3ad9df064a6a8de5cb488a5e1703e18af6a4f4f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::n7gpp-1677405094780-d2230f3d26f7
age: 1596051
x-matched-path: /_next/static/chunks/204-f21f9e03b07c9e67af33.js
etag: W/"043b19e55a565978764022d5dfe9bb5e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="204-f21f9e03b07c9e67af33.js"

GET
H2 200 310-ae9391d7164acaade460.js Show response
payment.unitednaturals.com/_next/static/chunks/ 9 KB
3 KB 17ms
17ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/310-ae9391d7164acaade460.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/webpack-cc041712a17fe78653c7.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3d6ed564bdbd0cb42833acac8cae3f99b0d690bdbd08de4950f8ab090d0babfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::54pj4-1677405094783-c605533297d8
age: 1596051
x-matched-path: /_next/static/chunks/310-ae9391d7164acaade460.js
etag: W/"bd3ddcdb45b3ff393ff2c0813d48f5da"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="310-ae9391d7164acaade460.js"

GET
H2 200 417.564f0e6dcf5957119f5b.js Show response
payment.unitednaturals.com/_next/static/chunks/ 13 KB
5 KB 12ms
12ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/_next/static/chunks/417.564f0e6dcf5957119f5b.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/webpack-cc041712a17fe78653c7.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

505a626ca0acc0bea98b2bca98ca60f4dcdf5fdb675a7805348f6c64c1c425af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::bcw47-1677405094780-a8394c3bbc57
age: 1596051
x-matched-path: /_next/static/chunks/417.564f0e6dcf5957119f5b.js
etag: W/"9512213c9d33617e819ab3190590e006"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="417.564f0e6dcf5957119f5b.js"

GET
H/1.1 200
OK 9zCHvJIYR-thumbnail.png
upbio.s3.amazonaws.com/uploads/ 19 KB
19 KB 351ms
140ms Image
image/png 54.231.233.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upbio.s3.amazonaws.com/uploads/9zCHvJIYR-thumbnail.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.233.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e249d86c3b0513ca50fa4461016fcc13123673521df9b7e6fd6ada11930ac28a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 09:51:36 GMT
Last-Modified: Mon, 05 Apr 2021 08:37:22 GMT
Server: AmazonS3
x-amz-request-id: QF699EFG3J3YYKY9
ETag: "80469b0db20e0bf5c87fca4e01dd18a1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19537
x-amz-id-2: XDEwGXkpCBgARFlEvGt65Ssa8a3fbQlK0OlJgfhBCnBIek2SfOw7+d+TYD1J0JSzk2WMzJXTMj8=

GET
H2 200 zOQ2ZQDlg Show response
api.unitednaturals.com/public/similar-sub-product/ 2 KB
1 KB 341ms
341ms XHR
application/json 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unitednaturals.com/public/similar-sub-product/zOQ2ZQDlg?country_code=US&coupon=
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: /
Resource Hash: fc1c5ddf43f6688bf2b15e1acd634e22aee94bb5a08666a9a82e31f725774ad5

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: gzip
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: e997581e-88f2-4343-af54-6867c25fdf74
etag: W/"83e-M/XQuQCKmdciTRX9sErRgu31LgE"
vary: Accept-Encoding
x-amzn-trace-id: Root=1-63fb2ba7-6fa149113ea6d5e04a4cd7a7;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-funny: haughty hippopotamus 1.4.1
x-amz-apigw-id: A8PCJHcUIAMFR8Q=
content-length: 949
x-amz-cf-id: VDD0BirdxX_UtuD4f3-SpQ2oDxEQaOv__B8FzapZddQgsEtD7sT5ZQ==

GET
H2 200 fontello.woff2
payment.unitednaturals.com/assets/fonts/fontello/font/ 4 KB
4 KB 13ms
13ms Font
font/woff2 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.unitednaturals.com/assets/fonts/fontello/font/fontello.woff2?41631538

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/css/d1fdf99fa88d61b648ce.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cfc53c34fa5d360258dbfb740eff621130a2dccd4e7999569d568d256beb0295

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://payment.unitednaturals.com/_next/static/css/d1fdf99fa88d61b648ce.css
Origin: https://payment.unitednaturals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::54pj4-1677405094791-143b0b8cb688
age: 1596050
x-matched-path: /assets/fonts/fontello/font/fontello.woff2
etag: "43959772bbe1c93f08954ae74365c4c0"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="fontello.woff2"
accept-ranges: bytes
content-length: 3588

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/ 103 KB
34 KB 490ms
423ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Requested by: Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/204-f21f9e03b07c9e67af33.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2e9fbd027b31cb9672f4b6ce7f1803727b8e5d62e17d7bc2bbe13545869c2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Ff_HR1im8ox8VYCQdM.j8l4Yn.tyxkku
Content-Encoding: gzip
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:36 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:04 GMT
Server: AmazonS3
ETag: W/"c5edbf8b73bd678335907e038b15d755"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: 0S6mKdYgyrz3z8Uv-yMcEGSaSzX-_rjdkSe8xEYuylu9hXB0qPYs7A==

GET
H2 200 ico-visa@2x.png
payment.unitednaturals.com/assets/images/ccs/ 3 KB
4 KB 15ms
14ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.unitednaturals.com/assets/images/ccs/ico-visa@2x.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9ceea15fb8d3d0bf107573de237f8a14abf29e19d343727addc866abe50309f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::54pj4-1677405094834-17a516662548
age: 1596050
x-matched-path: /assets/images/ccs/ico-visa@2x.png
etag: "3fd4c84674a818b1873e4ffd7dd22381"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico-visa@2x.png"
accept-ranges: bytes
content-length: 3536

GET
H2 200 ico-master@2x.png
payment.unitednaturals.com/assets/images/ccs/ 5 KB
5 KB 15ms
14ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.unitednaturals.com/assets/images/ccs/ico-master@2x.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f7dbdd3dda15d7529c9a19f47e9f12c12613d6264bff8915ecfb42d79427011d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::n7gpp-1677405094835-f2a00f2bd2c8
age: 1596050
x-matched-path: /assets/images/ccs/ico-master@2x.png
etag: "a011d60ecbf1d8434e687e6b66237986"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico-master@2x.png"
accept-ranges: bytes
content-length: 4816

GET
H2 200 ico-discover@2x.png
payment.unitednaturals.com/assets/images/ccs/ 3 KB
4 KB 14ms
13ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.unitednaturals.com/assets/images/ccs/ico-discover@2x.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7092c0972df0d40549cd448a4e2939b0a6bc2abc23f8529f5d0b5478829e1985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::bcw47-1677405094836-c3212f3993f7
age: 1596050
x-matched-path: /assets/images/ccs/ico-discover@2x.png
etag: "0f7aaa9ce05b0f40451953b564369a14"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico-discover@2x.png"
accept-ranges: bytes
content-length: 3429

GET
H2 200 ico-american-express@2x.png
payment.unitednaturals.com/assets/images/ccs/ 5 KB
5 KB 13ms
13ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.unitednaturals.com/assets/images/ccs/ico-american-express@2x.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

381a65f50fd1004554fd6edf3cf90f2800bc2f876b6faa91ca89bf7e811482c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::fwsst-1677405094835-0cba633d3822
age: 99902
x-matched-path: /assets/images/ccs/ico-american-express@2x.png
etag: "aacf34a263ae9a3ee81cd55c63813f57"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico-american-express@2x.png"
accept-ranges: bytes
content-length: 5295

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ 0
160 B 294ms
92ms XHR
text/plain 52.203.83.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.83.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-83-237.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://payment.unitednaturals.com
date: Sun, 26 Feb 2023 09:51:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

POST
H2 200 / Show response
o453484.ingest.sentry.io/api/5442337/envelope/ 41 B
324 B 71ms
17ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o453484.ingest.sentry.io/api/5442337/envelope/?sentry_key=a737fc9c77e24ad0900591ad36b8cc86&sentry_version=7

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c95b783c2c42f562a93c12c456542530258a3ea75ecf98a3329bb8fbecf842cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Feb 2023 09:51:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://payment.unitednaturals.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ 0
159 B 95ms
94ms XHR
text/plain 52.203.83.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/_next/static/chunks/pages/_app-742db82b32bc5bd70b2f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.83.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-83-237.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://payment.unitednaturals.com
date: Sun, 26 Feb 2023 09:51:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 7157 110 KB
35 KB 415ms
415ms Document
text/html 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 09:51:36 GMT
ETag: W/"fcb15cffd1fbbae59c4518b2036155b0"
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
X-Amz-Cf-Id: uxMtgljI5-lJ7qHkgVX8PaF_yclAv5px5ZXv_zYUdH2DrE0lGgGepw==
X-Amz-Cf-Pop: FRA60-P3 FRA2-C1
X-Cache: RefreshHit from cloudfront
x-amz-version-id: YCDItM6_jctWs_.B7tMrAH3j1eAjf2Hi

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 7FC2 110 KB
34 KB 416ms
399ms Document
text/html 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 09:51:36 GMT
ETag: W/"fcb15cffd1fbbae59c4518b2036155b0"
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CyUOhefDoGEQUDxBjxAdxyTwj3OVrLrQwHRUPkPeaTTiZuuK_05vWA==
X-Amz-Cf-Pop: FRA60-P3 FRA2-C1
X-Cache: Hit from cloudfront
x-amz-version-id: YCDItM6_jctWs_.B7tMrAH3j1eAjf2Hi

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 8165 110 KB
35 KB 412ms
395ms Document
text/html 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 09:51:36 GMT
ETag: W/"fcb15cffd1fbbae59c4518b2036155b0"
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zvJxmTMFcbBhxk7gXxxBlaSNif0DlmaRuPLVr_QIwZ1cI2PquawTKw==
X-Amz-Cf-Pop: FRA60-P3 FRA2-C1
X-Cache: Hit from cloudfront
x-amz-version-id: YCDItM6_jctWs_.B7tMrAH3j1eAjf2Hi

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 556E 110 KB
35 KB 407ms
389ms Document
text/html 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 09:51:36 GMT
ETag: W/"fcb15cffd1fbbae59c4518b2036155b0"
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 62zs-VQavFcWm6MWZWZtpK7F5UOcfEKXHx1CMsDdqaaFOrDcTNc_IQ==
X-Amz-Cf-Pop: FRA60-P3 FRA2-C1
X-Cache: Hit from cloudfront
x-amz-version-id: YCDItM6_jctWs_.B7tMrAH3j1eAjf2Hi

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 1185 110 KB
34 KB 405ms
388ms Document
text/html 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/vgs-collect.js?sessionId=d9034f1c-ef12-4459-b50a-dbe2d43491e5&tenantId=tntn9vlplui&env=live
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 09:51:36 GMT
ETag: W/"fcb15cffd1fbbae59c4518b2036155b0"
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: PHIK4NRcSuXVmfL6Oh88D4hoJHdZEqTIBDd9n3sgeREfYHa46yG3kQ==
X-Amz-Cf-Pop: FRA60-P3 FRA2-C1
X-Cache: Hit from cloudfront
x-amz-version-id: YCDItM6_jctWs_.B7tMrAH3j1eAjf2Hi

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 93AF 40 KB
12 KB 85ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 26 Feb 2023 09:51:34 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FEF9B188AEE4623898652FFC7DDEE8A Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0B23 177 KB
65 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-404335994

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cf4b6157be20313955db5a3e5be8a16517ea142625956ce3759412d721afefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66045
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Feb 2023 09:51:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame DA10 106 KB
28 KB 42ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Feb 2023 09:51:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +k9Ss8l1hJpo0yY58HNtq2p33YibcpxEF8EfRqyTg9wtXTlDWai3ogNwfQE6S75qVl5rGPBpLboZYeiQTeZKtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 9C56 43 KB
14 KB 95ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4ff41625f9d1e150a371ac721c45aefb3be794cd4149116c86d399b34a69e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 21 Feb 2023 08:58:02 GMT
server: nginx
etag: W/"63f4879a-ac64"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:51:35 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 310E 111 KB
44 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157688124-1

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e8ffdbb04c4fcd300db98f16cf0c651e546a9f602a6fc5629e225e4c0e77a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44564
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Feb 2023 09:51:35 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6E4C 130 KB
50 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-654994687

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00fd0a9648fd96fcf387171ce923306d15528887d87bc6bcdb6c0603e03414f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Feb 2023 09:51:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 4745 40 KB
12 KB 33ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 26 Feb 2023 09:51:34 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74C527385C1B496581D87B6109142AAB Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 815C 40 KB
12 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 26 Feb 2023 09:51:34 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCA0181B722C45CB97B15660367AEBD7 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F006 177 KB
65 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-404335994

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31bac14720d2aef8116ebb345619f9e624c23aa95eeb48c3a8a9106e07f17c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66053
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Feb 2023 09:51:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 527C 40 KB
12 KB 43ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 26 Feb 2023 09:51:34 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2EF96A61ED7F45E0958A681DF9B9E33D Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7036 216 KB
76 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W76M3KXVGN

Requested by

Host: static.unitednaturals.com
URL: https://static.unitednaturals.com/tagmanager/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bbbb08331a704b49d5722330df53dfdd25e31d225d01d892ceda55339880731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Feb 2023 09:51:35 GMT

GET
H2 200 138197191225035 Show response
connect.facebook.net/signals/config/ Frame DA10 379 KB
108 KB 232ms
229ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/138197191225035?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03cc0faa7038eaf8fbbfc696b793e795dd0bfdf24980faf888195664f000192e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Feb 2023 09:51:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ondn+WFBu0TavCM/rCgDCd43J7AUCklyBqQNZwsAVVDuM8m8O8odgnXyioDGlz6kXvU1jFw/wVeb5GWyeOvTTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/654994687/ Frame 6E4C 2 KB
1 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/654994687/?random=1677405095507&cv=11&fst=1677405095507&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-654994687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6adf99814d85927e276911b2412a56598b3b96a01ca0ccd43ddc31f3a1f4d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 310E 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157688124-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 09:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 26 Feb 2023 11:12:19 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/ Frame 0B23 2 KB
1 KB 70ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/?random=1677405095532&cv=11&fst=1677405095532&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-404335994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc6c7d1563826e3687d086d63ef13aac94117b97cdd177006cc301c8e5ff063a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 863
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/404335994/ Frame 0B23 2 KB
2 KB 66ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/404335994/?random=1677405095546&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-404335994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9f44a79b26f236828cb73bf838e85e3bd732dfa032fd2674c3d7c1e3b9a095a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1165
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56336166.js Show response
bat.bing.com/p/action/ Frame 93AF 0
136 B 120ms
119ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56336166.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1DBE69D47B24D52977A424A0DBBDA41 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 93AF 0
288 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56336166&Ver=2&mid=79005141-acac-4586-a1ec-70bab40f996a&sid=28272860b5bb11ed8917670ca29960b7&vid=282768b0b5bb11ed9dd5a99b19ae756f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpayment.unitednaturals.com%2F&r=&lt=11&evt=pageLoad&ifm=1&sv=1&rn=894918

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C870FC8CE7E14A9CBBD8E6CF4322F3A6 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame 93AF 0
230 B 41ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56336166&Ver=2&mid=79005141-acac-4586-a1ec-70bab40f996a&sid=28272860b5bb11ed8917670ca29960b7&vid=282768b0b5bb11ed9dd5a99b19ae756f&vids=0&msclkid=N&ec=add-to-cart&el=add-to-cart&ev=0&ea=add-to-cart&en=Y&sw=1600&sh=1200&sc=24&evt=custom&ifm=1&rn=378631

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 846ECA4662544681B15AEE8CCFF449AA Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25140287.js Show response
bat.bing.com/p/action/ Frame 4745 0
118 B 123ms
123ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25140287.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93AFE38A63D148E5970463E8386A0211 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 4745 0
229 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25140287&Ver=2&mid=17e5e6a5-514b-4ceb-94b6-ea119a69d897&sid=28272860b5bb11ed8917670ca29960b7&vid=282768b0b5bb11ed9dd5a99b19ae756f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpayment.unitednaturals.com%2F&r=&lt=5&evt=pageLoad&ifm=1&sv=1&rn=876801

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 303FB1413E764FE68536609980972345 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56336166.js Show response
bat.bing.com/p/action/ Frame 815C 0
118 B 110ms
110ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56336166.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41E90CBE382740A5A389D4F7D622698C Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 815C 0
229 B 49ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56336166&Ver=2&mid=eba0a280-bbde-43bb-88d0-be112c8ce8ea&sid=28272860b5bb11ed8917670ca29960b7&vid=282768b0b5bb11ed9dd5a99b19ae756f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpayment.unitednaturals.com%2F&r=&lt=3&evt=pageLoad&ifm=1&sv=1&rn=962283

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56E954FFA3E74E1CBF6E46D58E28492D Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/ Frame F006 2 KB
1 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/?random=1677405095593&cv=11&fst=1677405095593&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-404335994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbfca0899cfde672e0fc109a6cf61d71f7cebc054afce521c0af15555fe4905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 861
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13017229.js Show response
bat.bing.com/p/action/ Frame 527C 0
118 B 111ms
110ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13017229.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C432D531B7B84730AA5486D331CC46E3 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 527C 0
120 B 61ms
61ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13017229&Ver=2&mid=1c177e98-7151-4143-a4a1-97ba102d4ae0&sid=28272860b5bb11ed8917670ca29960b7&vid=282768b0b5bb11ed9dd5a99b19ae756f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpayment.unitednaturals.com%2F&r=&lt=4&evt=pageLoad&ifm=1&sv=1&rn=775461

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 427673A9EF334659A2191826A0A86722 Ref B: FRA31EDGE0110 Ref C: 2023-02-26T09:51:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 7036 0
261 B 39ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W76M3KXVGN&gtm=45je32m0&_p=1938094772&cid=1981593592.1677405094&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677405095&sct=1&seg=0&dl=https%3A%2F%2Fpayment.unitednaturals.com%2F&dr=https%3A%2F%2Fpayment.unitednaturals.com%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W76M3KXVGN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.unitednaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 310E 2 B
22 B 44ms
43ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1605852711&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.unitednaturals.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QAGAAUABAAAAACAAI~&jid=1529136516&gjid=2102902515&cid=1981593592.1677405094&tid=UA-157688124-1&_gid=533244735.1677405094&_r=1&gtm=457e32m0&z=681607614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.unitednaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7F0F 15 KB
6 KB 57ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=payment.unitednaturals.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://payment.unitednaturals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 09:51:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 924195
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/654994687/ Frame 6E4C 42 B
154 B 50ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/654994687/?random=1677405095507&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3046399233&rmt_tld=0&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/654994687/ Frame 6E4C 42 B
108 B 24ms
21ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/654994687/?random=1677405095507&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3046399233&rmt_tld=1&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/404335994/ Frame 0B23
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5...
https://www.google.com/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadser...

42 B
64 B

25ms
24ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tQc253WVF0ZlduOFppTjYtVTFFaVVBdkFyRjlINXhTa2ZSd3R3alk4bmRZbVl4T0owRkdDNFdkQTRvN2lmVDJwNjVMeHIzGldDaEFJZ0tQc253WVFqNmU5eVpTbzhLcHRFaTBBblZNZWNobS1SMl8tWm1ZNk9QQ2pZR2pHdERRNGNFQXNpVTJWcFp2dlZTU3RPRnN1Tk00NGpWbVo4NlU&is_vtc=1&ocp_id=pyv7Y9TWJKeuzAbUsKyAAg&cid=CAQSKQDUE5ymLuzMLJDrscmmajFtHza1Wo_9BpJiFx1a1WVrLGq8QlXspYHg&random=1129992180&ipr=y&prhg=0

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/404335994/?random=669050677&cv=11&fst=1677405095546&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&label=vQCCCPT0kcMCEPra5sAB&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&gtm_ee=1&auid=605371208.1677405096&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tQc253WVF0ZlduOFppTjYtVTFFaVVBdkFyRjlINXhTa2ZSd3R3alk4bmRZbVl4T0owRkdDNFdkQTRvN2lmVDJwNjVMeHIzGldDaEFJZ0tQc253WVFqNmU5eVpTbzhLcHRFaTBBblZNZWNobS1SMl8tWm1ZNk9QQ2pZR2pHdERRNGNFQXNpVTJWcFp2dlZTU3RPRnN1Tk00NGpWbVo4NlU&is_vtc=1&ocp_id=pyv7Y9TWJKeuzAbUsKyAAg&cid=CAQSKQDUE5ymLuzMLJDrscmmajFtHza1Wo_9BpJiFx1a1WVrLGq8QlXspYHg&random=1129992180&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/404335994/ Frame 0B23 42 B
108 B 50ms
47ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/404335994/?random=1677405095532&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3353905467&rmt_tld=0&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/404335994/ Frame 0B23 42 B
154 B 23ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/404335994/?random=1677405095532&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3353905467&rmt_tld=1&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 310E 4 B
70 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-157688124-1&cid=1981593592.1677405094&jid=1529136516&gjid=2102902515&_gid=533244735.1677405094&_u=QAGAAUAAAAAAACAAI~&z=17008719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.unitednaturals.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 26 Feb 2023 09:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.unitednaturals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/404335994/ Frame F006 42 B
108 B 48ms
47ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/404335994/?random=1677405095593&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1832491260&rmt_tld=0&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/404335994/ Frame F006 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/404335994/?random=1677405095593&cv=11&fst=1677402000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fpayment.unitednaturals.com%2F&ref=https%3A%2F%2Fpayment.unitednaturals.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1832491260&rmt_tld=1&ipr=y

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 310E 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-157688124-1&cid=1981593592.1677405094&jid=1529136516&_u=QAGAAUAAAAAAACAAI~&z=1588919109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 310E 42 B
63 B 33ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-157688124-1&cid=1981593592.1677405094&jid=1529136516&_u=QAGAAUAAAAAAACAAI~&z=1588919109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7F0F
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=unitednaturals.com&sn=ChromeSyncframe&so=0&topUrl=payment.unitednaturals.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=O8Kkd3x0MC9vSVQ4VlM3UXpaeStRdFVUUjkzN0tFKzREWm44MGVxWnVITG4xTTlVcEJWZ1ZQUHRwZDZRUGptMG03Wkx2KzNPanlFWk5DRzFrSDlOeEpzSGl5YUNpMkNLWG5oVkRoOTdaT3duRCtYdHUvVmNmekwzb1k4dm...

460 B
697 B

318ms
23ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=O8Kkd3x0MC9vSVQ4VlM3UXpaeStRdFVUUjkzN0tFKzREWm44MGVxWnVITG4xTTlVcEJWZ1ZQUHRwZDZRUGptMG03Wkx2KzNPanlFWk5DRzFrSDlOeEpzSGl5YUNpMkNLWG5oVkRoOTdaT3duRCtYdHUvVmNmekwzb1k4dmh4Vk55ck4vQzJxTnl2MmE2cXpBU053NzBZcUEwZWw0VTROMDMwMHowRUhHaHliMmJOT2dvZko0UlFNSFdqSjBWdTJhVFJ6SnRHZUc2aldMQ1lvaEk1VW5QVVRZcmhDd0RoMXIrajJVdmtoc3JRbGpMOUZta2dOMkhzWHJEWkE5MElqT3k1MUQ3UnJ2Zkx2aWFJSXdCNlZJYjNLZ29UZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

742c45b9baa47c7bce5ea81fed0b896a881e1cc7ce3d2d3f6571cdf99d8861a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2558853
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=O8Kkd3x0MC9vSVQ4VlM3UXpaeStRdFVUUjkzN0tFKzREWm44MGVxWnVITG4xTTlVcEJWZ1ZQUHRwZDZRUGptMG03Wkx2KzNPanlFWk5DRzFrSDlOeEpzSGl5YUNpMkNLWG5oVkRoOTdaT3duRCtYdHUvVmNmekwzb1k4dmh4Vk55ck4vQzJxTnl2MmE2cXpBU053NzBZcUEwZWw0VTROMDMwMHowRUhHaHliMmJOT2dvZko0UlFNSFdqSjBWdTJhVFJ6SnRHZUc2aldMQ1lvaEk1VW5QVVRZcmhDd0RoMXIrajJVdmtoc3JRbGpMOUZta2dOMkhzWHJEWkE5MElqT3k1MUQ3UnJ2Zkx2aWFJSXdCNlZJYjNLZ29UZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 498345
content-length: 0
expires: 0

GET
H/1.1 200
OK application.a15fb8420d24d6cf4a07.modern.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 7157 292 KB
94 KB 435ms
435ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8UZRKPi_ILDaB4lFKfKernSm5DLH2pAy
Content-Encoding: gzip
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
ETag: W/"062555871a4ab607f9244cf02e448ba3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: hZonznqeVrLD3JQHto7RELkQpXsivjlrBW0a0oknSzUkgdnt9cB6Gw==

GET
H/1.1 200
OK application.a15fb8420d24d6cf4a07.modern.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 1185 292 KB
94 KB 424ms
424ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8UZRKPi_ILDaB4lFKfKernSm5DLH2pAy
Content-Encoding: gzip
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
ETag: W/"062555871a4ab607f9244cf02e448ba3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: 1bZKDBqzwyHnkI7IYNHZZHz3hDMA3F3971dHNzTCcAMdMtW-e_Oc0A==

GET
H/1.1 200
OK application.a15fb8420d24d6cf4a07.modern.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 556E 292 KB
94 KB 413ms
413ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8UZRKPi_ILDaB4lFKfKernSm5DLH2pAy
Content-Encoding: gzip
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
ETag: W/"062555871a4ab607f9244cf02e448ba3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: Kc_KSZwoiTAO4Q5O9G1y7699wriRFK1FjtAgDoHY14MRfJJbvjT0hw==

GET
H/1.1 200
OK application.a15fb8420d24d6cf4a07.modern.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 8165 292 KB
94 KB 401ms
401ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8UZRKPi_ILDaB4lFKfKernSm5DLH2pAy
Content-Encoding: gzip
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
ETag: W/"062555871a4ab607f9244cf02e448ba3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: Jp0W6QxJVhvGcs5tmalCxKQlpFuB8apYSq5q_ZzdyZyTE-7tn2Z2eg==

GET
H/1.1 200
OK application.a15fb8420d24d6cf4a07.modern.js Show response
js.verygoodvault.com/vgs-collect/2.8.2/lib/ Frame 7FC2 292 KB
94 KB 391ms
390ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8UZRKPi_ILDaB4lFKfKernSm5DLH2pAy
Content-Encoding: gzip
Via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:51:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Jun 2021 20:08:06 GMT
Server: AmazonS3
ETag: W/"062555871a4ab607f9244cf02e448ba3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: n4VCupbDME-oBT2vn3MldjJGQSrJ_goUCecfYe2HDMUB9ia2APVF1w==

GET
H2 200 /
www.facebook.com/tr/ Frame DA10 0
185 B 55ms
12ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=138197191225035&ev=AddToCart&dl=https%3A%2F%2Fpayment.unitednaturals.com%2F&rl=https%3A%2F%2Fpayment.unitednaturals.com%2F&if=true&ts=1677405095887&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&fbp=fb.1.1677405095886.1152724475&it=1677405095488&coo=false&eid=event.0.18727460728633072&rqm=GET

Requested by

Host: payment.unitednaturals.com
URL: https://payment.unitednaturals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Feb 2023 09:51:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

event Show response
widget.us.criteo.com/ Frame 9C56
Redirect Chain

https://sslwidget.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFa...
https://widget.us.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFa...

8 KB
4 KB

349ms
113ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFaWEQ3QTI1blZPVEJ1QTRkN3dlbHJNTERGMk9sbkxTU2VnMUtCUXJBSkdLaUlkaiUyQkRoUWh5OG5HV3F6SmhvanVZeGdUbCUyRmNUaWpIUEFjeTh5eFZIa0ZzbTB0WSUyQmhzWGtwYTh3ZVl6dXVVVWRWR1VXSzElMkJlZE5aUjVFZGRpOWI2YmJpRTYwcGFrdFFqSElLNjdza0ZvJTJGNUk4V1dyQSUyQlklM0Q&tld=unitednaturals.com&fu=https%253A%252F%252Fpayment.unitednaturals.com%252F&dtycbr=8307

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

33657dbaa7b3e6b2d27761a0e4a9099fce2244ae0f6b3cce4250b325600fd8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20452980
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=59443&v=5.14.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p2=e%3Ddis&adce=1&bundle=IokQiF9DNTRzTEV0SmExWEFaWEQ3QTI1blZPVEJ1QTRkN3dlbHJNTERGMk9sbkxTU2VnMUtCUXJBSkdLaUlkaiUyQkRoUWh5OG5HV3F6SmhvanVZeGdUbCUyRmNUaWpIUEFjeTh5eFZIa0ZzbTB0WSUyQmhzWGtwYTh3ZVl6dXVVVWRWR1VXSzElMkJlZE5aUjVFZGRpOWI2YmJpRTYwcGFrdFFqSElLNjdza0ZvJTJGNUk4V1dyQSUyQlklM0Q&tld=unitednaturals.com&fu=https%253A%252F%252Fpayment.unitednaturals.com%252F&dtycbr=8307
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15076303
timing-allow-origin: *
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 7FC2 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
1 KB 22ms
8ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding: gzip
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 04:41:20 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 18617
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: PxmPNVm7oa3mHhc360mJazzvZQi21KrCWZ3HuYDfeZy5ShsyII4AfA==

GET
H/1.1 200
OK visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
2 KB 24ms
10ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding: gzip
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 05:45:39 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 14950
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 1nueW7a28Mz_6tdv17VdGvkV3ALM16-kNagRqYOp111wxT8I5xfldw==

GET
H/1.1 200
OK amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
1 KB 20ms
9ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding: gzip
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 03:41:07 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 22229
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: orHiffOJKVAZzuEUWmfK0ve4SeFLUbLElS1EeAZPS8hkHwKnGi2EzQ==

GET
H/1.1 200
OK maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
4 KB 18ms
8ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding: gzip
Via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 03:45:21 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 21975
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 641-NiVwC3OdEwzxz3pGEKMZbfhMl4xFayRFn8sy2n12vHwITOa9PA==

GET
H/1.1 200
OK mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
1 KB 17ms
8ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding: gzip
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 02:49:17 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 25340
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: ZuNE_osdrfOtzul-5uKKYK0_c_qv7ECpwS0gEyKW6M-JtIaw1yP1KA==

GET
H/1.1 200
OK unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
5 KB 29ms
8ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding: gzip
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 07:13:08 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 9609
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: O1Z2lY8AJiM0l3aTX4iFT4v3r5pgHEtfRGVsbi7Disth-hFy6qFVyQ==

GET
H/1.1 200
OK meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
7 KB 10ms
9ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding: gzip
Via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 03:53:51 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 21466
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 0LvMfVCQWiqRT_lRXooPMZOJ0piSzbYDFHOOuJIgKmg9G3517ocyYQ==

GET
H/1.1 200
OK jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
2 KB 11ms
11ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding: gzip
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 07:17:40 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 9297
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Et-ath8oYdOv2dKEPCVGsaQDJjGMAPcv6Z569CnUV2q2rI9yoonTpA==

GET
H/1.1 200
OK hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
3 KB 10ms
10ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding: gzip
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 05:14:17 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 16640
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: PVLcQwJ5DcMN9n-D4ne31d3fFXaINloGlthYB38-8JN64x2s-sN3xg==

GET
H/1.1 200
OK forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
2 KB 9ms
8ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding: gzip
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 08:54:02 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 3455
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"0e30901c80583be81a54ad19e75340a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: t2fAT9uXB-x-DVg0yfMhZOKBkWobhH7XchYxiPqtxOf-mrYAo52kHA==

GET
H/1.1 200
OK elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
2 KB 11ms
9ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding: gzip
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Date: Sat, 25 Feb 2023 10:15:22 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 85041
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: lYfnkTeSyMSfYiT8oPEge-gEwC9ew09VItnudlHV-YEq1ginxxphUA==

GET
H/1.1 200
OK discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
2 KB 10ms
9ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding: gzip
Via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 06:33:47 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 11870
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: w9gZtoAyq86Lmrl3PSu9z9teEJBX8RRjZl5trXRELyUYp0rCG5xAZQ==

GET
H/1.1 200
OK diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
1 KB 11ms
10ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding: gzip
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 09:30:56 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 1240
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: x20Sp5mAOW6WNL_IUXLDUiiL3lQzaxc1yVp3nGH5Pt8jH3KupLYXlQ==

GET
H/1.1 200
OK dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 7FC2 0
1 KB 10ms
9ms Other
image/svg+xml 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding: gzip
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Date: Sun, 26 Feb 2023 05:45:41 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 14756
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: uRGVLmCj-pt8MnGsJCDAP33POd-qFOm156SU4EU0H1fFLfgmaHo12w==

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 3787
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30

43 B
345 B

15ms
15ms

Image
image/gif

3.74.185.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30
Protocol: H2
Server: 3.74.185.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-185-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-j0cxVcBL0YT6eNn9ZvOfudPRkZ8sT8K8iHGbQw&expires=30
date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3787
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_cm&google_hm=ay1SUFhqRGNCTDBZVDZlTm45WnZPZnVkUFJrWl9wUGlKb...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_gid=CAESEKEC3551IuIIHGDxtTys8LI&google_cver=1&google_ula=913071,0

43 B
370 B

365ms
26ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_gid=CAESEKEC3551IuIIHGDxtTys8LI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1502170
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RPXjDcBL0YT6eNn9ZvOfudPRkZ_pPiJmRtFMNQ&google_gid=CAESEKEC3551IuIIHGDxtTys8LI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3787
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1212369525395259813

43 B
371 B

386ms
25ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1212369525395259813

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1185539
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 26 Feb 2023 09:51:36 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 05066089-3b42-483d-8bfb-321a875000e3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1212369525395259813
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 3787 237 B
980 B 148ms
59ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-1auzJ8BL0YT6eNn9ZvOfudPRkZ9_yJv38NZZXg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 09:51:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Sun, 26 Feb 2023 09:51:36 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 3787 0
239 B 101ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-bHdMkcBL0YT6eNn9ZvOfudPRkZ-iLM7qsTQtZQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 3787 0
35 B 81ms
10ms Image
text/plain 18.198.123.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-BRfpZ8BL0YT6eNn9ZvOfudPRkZ-fWo1X8R7H3w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.123.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-123-15.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3787 43 B
163 B 110ms
25ms Image
image/gif 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-hA8tTMBL0YT6eNn9ZvOfudPRkZ9fsGJPfKW_fw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3787 0
99 B 73ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-4eYK5cBL0YT6eNn9ZvOfudPRkZ_E7LJmVfRt8A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13048

GET
H2 200 um
criteo-sync.teads.tv/ Frame 3787 23 B
172 B 185ms
63ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-JHDensBL0YT6eNn9ZvOfudPRkZ80zu1Jakp5xA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 26 Feb 2023 09:51:36 GMT
pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 3787 37 B
140 B 66ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-4uKkCMBL0YT6eNn9ZvOfudPRkZ8rK-YFnrKB7w&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 3787
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ&verify=true

0
121 B

14ms
14ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLjoDcBL0YT6eNn9ZvOfudPRkZ98rRCsW5jGhQ&verify=true
date: Sun, 26 Feb 2023 09:51:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 3787 43 B
162 B 111ms
21ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ETallsBL0YT6eNn9ZvOfudPRkZ9B86lqJq0QDg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 3787 49 B
235 B 93ms
21ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-LCvV3cBL0YT6eNn9ZvOfudPRkZ9eV4unBneH_A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 3787
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ&seg=130915
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ%26seg%3D130915

43 B
1 KB

16ms
16ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ%26seg%3D130915

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 09:51:36 GMT
AN-X-Request-Uuid: 4954daf6-1867-4664-af21-53e8ebe1e42a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 09:51:36 GMT
AN-X-Request-Uuid: 1c56e1d8-e338-4171-bac4-fd446e54e57d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-hSBz2cBL0YT6eNn9ZvOfudPRkZ_BmUWIgzgvYQ%26seg%3D130915
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame 3787
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q&C=1

43 B
328 B

25ms
25ms

Image
image/gif

104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q&C=1
Protocol: H2
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0v45oYHfFuU0j51c4%2F%2Fd9tekGXT4UjumPt4rq49zyNOrlwogEd6ZVlN1l7HUOIF%2FcgYpKx74K8z7Ze4jQT%2B3YD1PWkAGxtKgjNIrYg7SPRPYykJLDh6b9ehKGNy1NWNwks%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79f7c87fdb343688-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYJf9npEB4QulgbTeYQiYaZU74YYgUHGBynIWQwi0aXZbhobmlLruCO3LbsJf6ibFxLYuSqybbcKDbB8%2BLzOubz43yhUNUvbsA4%2Fptet86ldGUrmOGWQ3Y6g4sAQARO3L3J%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-w3ij6cBL0YT6eNn9ZvOfudPRkZ8JBsqP4ga9_Q&C=1
cache-control: no-cache
cf-ray: 79f7c87faad43688-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3787
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb

42 B
942 B

35ms
34ms

Image
image/gif

3.248.76.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb

Protocol

HTTP/1.1

Server

3.248.76.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-76-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0725af682.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: auU/Q3QaQ/Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-097336e4c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qOUk7VdWTL8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ma37feJgkCZEWkZN1w5E-QVdz3b-hgCb
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 3787 43 B
1 KB 44ms
8ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-zuZydcBL0YT6eNn9ZvOfudPRkZ_q-TjFr4EqiQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 26 Feb 2023 09:51:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3787
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg

43 B
447 B

12ms
12ms

Image
image/gif

52.59.64.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg
Protocol: H2
Server: 52.59.64.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-64-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 26 Feb 2023 09:51:37 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mPgB9sBL0YT6eNn9ZvOfudPRkZ8avarxMX2Zqg
date: Sun, 26 Feb 2023 09:51:37 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 3787 42 B
274 B 55ms
18ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-ukSVsMBL0YT6eNn9ZvOfudPRkZ8XKxrjQEQlfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 3787 0
884 B 47ms
11ms Image
text/html 52.59.191.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-iIFufsBL0YT6eNn9ZvOfudPRkZ_HIB3Ii3klug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.191.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-191-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3787 0
145 B 456ms
115ms Image
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-RvPtxcBL0YT6eNn9ZvOfudPRkZ85BAvYprcwRg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 09:51:37 GMT
Cache-Control: no-cache
X-TraceId: da495935e65fd6c167ed1490dcd60ec1
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3787 42 B
585 B 117ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_uxyMsBL0YT6eNn9ZvOfudPRkZ_ICPZNihR7HQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 3787 43 B
183 B 299ms
92ms Image
image/gif 2600:1f18:612b:4232:851e:f269:97b5:da7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-XvJndcBL0YT6eNn9ZvOfudPRkZ8V9ut0qJFOYg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:851e:f269:97b5:da7b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 26 Feb 2023 09:51:37 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 3787 43 B
153 B 67ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-yUPOmcBL0YT6eNn9ZvOfudPRkZ8ppy9YKdp-fg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 26 Feb 2023 09:51:36 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 3787 0
525 B 115ms
45ms Image
text/plain 104.96.129.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-C47BsMBL0YT6eNn9ZvOfudPRkZ_h4GGKQ921jw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-129-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 09:51:37 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sat, 25 Feb 2023 09:51:37 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 3787 43 B
220 B 252ms
30ms Image
image/gif 34.250.114.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-l0-EacBL0YT6eNn9ZvOfudPRkZ9oDzIkhmZR8A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-114-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 26 Feb 2023 09:51:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3787
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WNGIpA67hvoZbEhdDTwdKDAb1vcih33m

0
339 B

164ms
31ms

Image
text/plain

52.31.4.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WNGIpA67hvoZbEhdDTwdKDAb1vcih33m
Protocol: H2
Server: 52.31.4.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-4-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Sun, 26 Feb 2023 09:51:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1677405097
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WNGIpA67hvoZbEhdDTwdKDAb1vcih33m
date: Sun, 26 Feb 2023 09:51:36 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 2338763
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 3787
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tQq8cAuELsFRtai2VTsnFRlIMeg0P5Gy

35 B
268 B

326ms
103ms

Image
image/gif

3.135.167.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tQq8cAuELsFRtai2VTsnFRlIMeg0P5Gy
Protocol: H2
Server: 3.135.167.46 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-167-46.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 09:51:37 GMT
x-bt-requestid: 29560b10-b5bb-11ed-b3e5-0000ac17027e
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tQq8cAuELsFRtai2VTsnFRlIMeg0P5Gy
date: Sun, 26 Feb 2023 09:51:37 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 2051604
content-length: 0

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 7157 0
156 B 93ms
93ms XHR
text/plain 52.203.83.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.8.2/lib/application.a15fb8420d24d6cf4a07.modern.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.83.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-83-237.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Sun, 26 Feb 2023 09:51:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ Frame DA10 0
54 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=138197191225035&ev=Microdata&dl=https%3A%2F%2Fpayment.unitednaturals.com%2F&rl=https%3A%2F%2Fpayment.unitednaturals.com%2F&if=true&ts=1677405097432&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677405095886.1152724475&it=1677405095488&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.unitednaturals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Feb 2023 09:51:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.unitednaturals.com/	1970-01-20 10:01:04	Name: hasFiredCART_PAGE_IMPRESSION Value: true
.payment.unitednaturals.com/	1970-01-20 18:43:47	Name: _vwo_uuid_v2 Value: DE7FAD0F91B6A3B2ECECFB4E9AD7330B1\|a8785af8e90a396ada863dfb661d7635
.unitednaturals.com/	1970-01-20 12:20:45	Name: _vis_opt_s Value: 1%7C
.unitednaturals.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.unitednaturals.com/	1970-01-20 19:32:45	Name: _vwo_uuid Value: DE7FAD0F91B6A3B2ECECFB4E9AD7330B1
.unitednaturals.com/	1970-01-20 12:06:21	Name: _vwo_ds Value: 3%241677405093%3A44.50694829%3A%3A
.unitednaturals.com/	1970-01-20 09:56:46	Name: _vwo_sn Value: 0%3A1
.payment.unitednaturals.com/	1970-01-20 19:32:45	Name: _ga Value: GA1.3.1981593592.1677405094
.payment.unitednaturals.com/	1970-01-20 09:58:11	Name: _gid Value: GA1.3.533244735.1677405094
.payment.unitednaturals.com/	1970-01-20 09:56:45	Name: _gat_UA-133916996-1 Value: 1
.unitednaturals.com/	1970-01-20 12:06:21	Name: _gcl_au Value: 1.1.605371208.1677405096
.unitednaturals.com/	1970-01-20 09:58:11	Name: _uetsid Value: 28272860b5bb11ed8917670ca29960b7
.unitednaturals.com/	1970-01-20 19:18:21	Name: _uetvid Value: 282768b0b5bb11ed9dd5a99b19ae756f
.bing.com/	1970-01-20 19:18:21	Name: MUID Value: 21F3A04A114866773961B28E10E46715
.unitednaturals.com/	1970-01-20 19:32:45	Name: _ga Value: GA1.2.1981593592.1677405094
.unitednaturals.com/	1970-01-20 09:58:11	Name: _gid Value: GA1.2.533244735.1677405094
.unitednaturals.com/	1970-01-20 09:56:45	Name: _gat_gtag_UA_157688124_1 Value: 1
.unitednaturals.com/	1970-01-20 19:32:45	Name: _ga_W76M3KXVGN Value: GS1.1.1677405095.1.0.1677405095.0.0.0
.criteo.com/	1970-01-20 19:18:21	Name: uid Value: 664e5e65-4216-4fb2-adb2-c499859b83f3
.doubleclick.net/	1970-01-20 19:18:21	Name: IDE Value: AHWqTUmZZPB_tfQLMZiuo56wOjGEmRvztQR3iXNHlHKb631TcY-33XqHRpIy85-4
.unitednaturals.com/	1970-01-20 12:06:21	Name: _fbp Value: fb.1.1677405095886.1152724475
.unitednaturals.com/	1970-01-20 19:26:09	Name: cto_bundle Value: IokQiF9DNTRzTEV0SmExWEFaWEQ3QTI1blZPVEJ1QTRkN3dlbHJNTERGMk9sbkxTU2VnMUtCUXJBSkdLaUlkaiUyQkRoUWh5OG5HV3F6SmhvanVZeGdUbCUyRmNUaWpIUEFjeTh5eFZIa0ZzbTB0WSUyQmhzWGtwYTh3ZVl6dXVVVWRWR1VXSzElMkJlZE5aUjVFZGRpOWI2YmJpRTYwcGFrdFFqSElLNjdza0ZvJTJGNUk4V1dyQSUyQlklM0Q
.bidswitch.net/	1970-01-20 18:42:21	Name: tuuid Value: bc2e6618-c5d4-4965-ac91-21e7f0183bcb
.bidswitch.net/	1970-01-20 18:42:21	Name: c Value: 1677405096
.bidswitch.net/	1970-01-20 18:42:21	Name: tuuid_lu Value: 1677405096
.adnxs.com/	1970-01-20 12:06:21	Name: uuid2 Value: 3071239198229778967
.yahoo.com/	1970-01-20 18:42:42	Name: A3 Value: d=AQABBKgr-2MCEEBdXfV2oV5--mkBibMWyXoFEgEBAQF9_GMFZAAAAAAA_eMAAA&S=AQAAAipWqRbv-S-4gTwLV5Hyxvg
.media.net/	1970-01-20 18:42:21	Name: visitor-id Value: 3204066969171875000V10
.media.net/	1970-01-20 10:39:57	Name: data-c-ts Value: 1677405096
.media.net/	1970-01-20 10:39:57	Name: data-c Value: k-1auzJ8BL0YT6eNn9ZvOfudPRkZ9_yJv38NZZXg~~3
.adnxs.com/	1970-01-20 12:06:21	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>1m=Kra!]tbPl@/D!9hy6]/Cr+Sk[!#Ekzd<[4?pet3D+HVg[n6i/u7Xy1h+Y84z)s$1dVEl>lm=<5yTbNbpRzqF1`bc7W+o.$
.id5-sync.com/	1970-01-20 09:56:45	Name: cf Value:
.id5-sync.com/	1970-01-20 09:56:45	Name: cip Value:
.id5-sync.com/	1970-01-20 09:56:45	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:56:45	Name: car Value:
.id5-sync.com/	1970-01-20 09:56:45	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:56:45	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 18:42:21	Name: IDSYNC Value: 18zh~2a7l
.casalemedia.com/	1970-01-20 18:42:21	Name: CMID Value: Y-srqHTHEscYCqoi37Gh9wAA
.casalemedia.com/	1970-01-20 12:06:21	Name: CMPS Value: 1216
.casalemedia.com/	1970-01-20 12:06:21	Name: CMPRO Value: 1216
exchange.mediavine.com/	1970-01-20 10:16:54	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2228fa0860-b5bb-11ed-8cc8-13aae523bf5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:16:54	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2228fa0860-b5bb-11ed-8cc8-13aae523bf5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:16:54	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2228fa0860-b5bb-11ed-8cc8-13aae523bf5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:16:54	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2228fa0860-b5bb-11ed-8cc8-13aae523bf5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:16:54	Name: criteo Value: %7B%22id%22%3A%22k-iIFufsBL0YT6eNn9ZvOfudPRkZ_HIB3Ii3klug%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 14:15:57	Name: demdex Value: 30496851023045780862287491902813267764
.360yield.com/	1970-01-20 12:06:21	Name: tuuid Value: dfc9a5e9-65c9-4be3-b8e2-f4e6e246d48a
.360yield.com/	1970-01-20 12:06:21	Name: tuuid_lu Value: 1677405097
.pubmatic.com/	1970-01-20 10:39:57	Name: KRTBCOOKIE_97 Value: 3385-uid:k-_uxyMsBL0YT6eNn9ZvOfudPRkZ_ICPZNihR7HQ&KRTB&23144-uid:k-_uxyMsBL0YT6eNn9ZvOfudPRkZ_ICPZNihR7HQ&KRTB&23286-uid:k-_uxyMsBL0YT6eNn9ZvOfudPRkZ_ICPZNihR7HQ&KRTB&23287-uid:k-_uxyMsBL0YT6eNn9ZvOfudPRkZ_ICPZNihR7HQ
.pubmatic.com/	1970-01-20 10:39:57	Name: PugT Value: 1677405096
.360yield.com/	1970-01-20 12:06:21	Name: um Value: !38,Qg4PbWTj6fzru9pl0hVGIJPqiGUIwZh-R4ajo0Ha8xgck.5ucedhHXWPawdAVCbk40N9z80l,1685181097
.360yield.com/	1970-01-20 12:06:21	Name: umeh Value: !38,0,1739613097,-1
.dpm.demdex.net/	1970-01-20 14:15:57	Name: dpm Value: 30496851023045780862287491902813267764
.krxd.net/	1970-01-20 14:15:57	Name: _kuid_ Value: PZwRBNck

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
api.unitednaturals.com
bat.bing.com
beacon.krxd.net
browser.sentry-cdn.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d378si5bqq748t.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
events.unitednaturals.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js.verygoodvault.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
o453484.ingest.sentry.io
payment.unitednaturals.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.unitednaturals.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tools-api.veyl.com
upbio.s3.amazonaws.com
ups.analytics.yahoo.com
vgs-collect-keeper.apps.verygood.systems
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.18.25.185
104.96.129.75
13.224.189.113
13.32.121.4
141.226.228.48
141.95.98.64
142.250.181.226
142.251.39.2
178.250.0.157
178.250.0.163
178.250.1.9
18.156.0.31
18.198.123.15
18.66.97.18
185.255.84.153
185.64.189.110
185.86.138.154
185.89.210.180
185.89.211.12
2001:4860:4802:32::36
23.203.125.36
2600:1f18:612b:4232:851e:f269:97b5:da7b
2600:9000:20eb:9a00:1d:e8c0:cf40:21
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::9c
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2004
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::729
3.135.167.46
3.248.76.150
3.74.185.105
34.117.157.22
34.120.195.249
34.250.114.170
34.96.102.137
37.157.2.234
52.0.64.183
52.203.83.237
52.222.236.9
52.31.4.222
52.59.191.188
52.59.64.86
54.231.233.97
64.202.112.31
69.173.144.139
74.119.119.150
76.223.111.18
76.76.21.93
85.215.5.31
92.123.38.97
0065c9b502f75f9fef9e258f4753ef85686a3de3a1ea0c8ae1391a1519bdbf8f
00fd0a9648fd96fcf387171ce923306d15528887d87bc6bcdb6c0603e03414f9
03cc0faa7038eaf8fbbfc696b793e795dd0bfdf24980faf888195664f000192e
0b5c6c3731464514cfea7fb3fbe17c8e3aa5792c39eda56a4ff2dcd5563fc67b
1133de1a1f3848aa953f5dc44dbc58801e5888d87557ca5090e5510527eeef60
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
1fe72b632606dfea100be1d6f33d03f25be24b753df7d0beec17f29b7aa53c55
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
31bac14720d2aef8116ebb345619f9e624c23aa95eeb48c3a8a9106e07f17c4f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33657dbaa7b3e6b2d27761a0e4a9099fce2244ae0f6b3cce4250b325600fd8ab
381a65f50fd1004554fd6edf3cf90f2800bc2f876b6faa91ca89bf7e811482c6
3d6ed564bdbd0cb42833acac8cae3f99b0d690bdbd08de4950f8ab090d0babfb
3e7985636ec6979eddc7e02f1a06a2ec67b5c51d02fec37c29a3946cbd004452
3e8ffdbb04c4fcd300db98f16cf0c651e546a9f602a6fc5629e225e4c0e77a7a
3f60b5126056c40dd3f9ca4b1353bc8e2389e378822ea9f19b532aaeca23d7dc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf4b6157be20313955db5a3e5be8a16517ea142625956ce3759412d721afefd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff41625f9d1e150a371ac721c45aefb3be794cd4149116c86d399b34a69e14b
505a626ca0acc0bea98b2bca98ca60f4dcdf5fdb675a7805348f6c64c1c425af
5408d7ba9bf988c4c32a6de9f5f25f5f3946a412d9f39031a706aa6ae8ea2449
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f3cb838ad6b6f1c4ca4336432280db9c5900b521ac8dcf4d52b6364a3fb4a6a
602e5b930023c8d4e07a85a806e568690030d02584be04c91c11f1b925ff578e
658faa7ad4cd09a7640fb7a16b692b4534ea5df3139b5ac38181f6e650255d7f
6adf99814d85927e276911b2412a56598b3b96a01ca0ccd43ddc31f3a1f4d7b2
6bbbb08331a704b49d5722330df53dfdd25e31d225d01d892ceda55339880731
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7092c0972df0d40549cd448a4e2939b0a6bc2abc23f8529f5d0b5478829e1985
73d0ab973d91badb4a5614c064410c6d7bf8ac6b7afb9e537623b7c276c2a26b
742c45b9baa47c7bce5ea81fed0b896a881e1cc7ce3d2d3f6571cdf99d8861a3
7c464df24df8b56fa2398b903fc1e87fcdd0e55d5c3ebae7ff171031b9208a47
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d083e40e96085fe9ca903e6115531e26872a73fe430ed7fa1ecd872958a97a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
959e14671a55387cc39ef236c66109391faed412503aa9731fa1f455b5e651ae
9ceea15fb8d3d0bf107573de237f8a14abf29e19d343727addc866abe50309f3
9f44a79b26f236828cb73bf838e85e3bd732dfa032fd2674c3d7c1e3b9a095a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a5638758ebafa6b913fc2584a945ea6fd3230da946f3fecbd409d70ed144e93a
a750825f4193e8135744e23c2c4afc85db8c29b852c09097655fd552a973619a
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b785f69480d3a6a5b26726b2fae085affca37d0e222a5e58e47eed34210f53be
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2de22b87d1d1db91b238dafa7d4d296d26b8af9c0dc04e7f18bbc3ca8cc4454
c4c70177fb66e2dc7c8b045d5fc783b410d478ed57d3f5c0a9607ad371630c43
c95b783c2c42f562a93c12c456542530258a3ea75ecf98a3329bb8fbecf842cd
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb4cfd056bb1880ed1a18dd01cca8a7917bb0e9d61acd5075ff61c66232adf0c
cc6c7d1563826e3687d086d63ef13aac94117b97cdd177006cc301c8e5ff063a
cfc53c34fa5d360258dbfb740eff621130a2dccd4e7999569d568d256beb0295
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1fd072e783699bfba0822512b7011c6b18d924969d4de3e4051a804f4dbce51
d735ec1c58132cdeb07505c4237bba455794fb5e9384740b5bcde3b815986c96
db7359118c0fb1b79a832df20b45e61ca13327f2500bfb677ff7814b1bb1471f
dbfca0899cfde672e0fc109a6cf61d71f7cebc054afce521c0af15555fe4905d
dcb31a0100f3b1281a4cc6f83f700a2177360fbd5d6f15339d7031c3d937bb31
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e249d86c3b0513ca50fa4461016fcc13123673521df9b7e6fd6ada11930ac28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70e40710e1f59cc5b8b8f67afba3bd1161b51d4e699a66713fde85f6b59ed9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e9fbd027b31cb9672f4b6ce7f1803727b8e5d62e17d7bc2bbe13545869c2d4
f737184a532228d93b19ad2e026aeb229f4770e933ab129e28c6c25307c78d59
f7dbdd3dda15d7529c9a19f47e9f12c12613d6264bff8915ecfb42d79427011d
f8aee292865c8b62eb733ad3ad9df064a6a8de5cb488a5e1703e18af6a4f4f01
fc1c5ddf43f6688bf2b15e1acd634e22aee94bb5a08666a9a82e31f725774ad5
fdd3b5cdd1792b376bda3ff4ebfa4be17f4a0d9ffaea1fe34acdf2b081cc5671
fe5f8d4505ce040cc22d858aa7636262168e3449787dd05f75ea7050ff8ce06f

payment.unitednaturals.com Open in urlscan Pro 76.76.21.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

91 %HTTPS

29 %IPv6

48 Domains

59 Subdomains

57 IPs

10 Countries

2091 kBTransfer

6658 kBSize

55 Cookies

2 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payment.unitednaturals.com Open in urlscan Pro
76.76.21.93 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

91 %
HTTPS

29 %
IPv6

48
Domains

59
Subdomains

57
IPs

10
Countries

2091 kB
Transfer

6658 kB
Size

55
Cookies

148 HTTP transactions
1 data transactions