floraspring.com Open in urlscan Pro
149.28.34.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.truthaboutabs.com/a/90/click/9495633/743524746/_63b18d7e6b3c038e2860e87c09b5cf0142470c29/140644d4f9df088da49ff903e...
Effective URL:
https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkN...
Submission: On April 17 via api (April 17th 2023, 5:51:36 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 47 domains to perform 122 HTTP transactions. The main IP is 149.28.34.111, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is floraspring.com.
TLS certificate: Issued by R3 on March 11th 2023. Valid for: 3 months.

This is the only time floraspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	18.192.108.151 18.192.108.151	16509 (AMAZON-02) (AMAZON-02)
11	149.28.34.111 149.28.34.111	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.105.158 52.217.105.158	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.44.180 3.122.44.180	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.175.18 3.123.175.18	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
30	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:6400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	107.178.211.97 107.178.211.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	15169 (GOOGLE) (GOOGLE)
1 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	3.67.205.213 3.67.205.213	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.28.31 35.158.28.31	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.23.197.36 2.23.197.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	54.154.173.64 54.154.173.64	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 2	18.203.73.89 18.203.73.89	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.156.206.68 35.156.206.68	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4280:b7e4:703:4793:ce15	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	2.22.155.103 2.22.155.103	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.77.251.116 54.77.251.116	16509 (AMAZON-02) (AMAZON-02)
1	52.211.68.60 52.211.68.60	16509 (AMAZON-02) (AMAZON-02)
1	3.130.203.157 3.130.203.157	16509 (AMAZON-02) (AMAZON-02)
122	53

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.truthaboutabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.108.151 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com

treach-tutters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 149.28.34.111 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.34.111.vultrusercontent.com

floraspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.105.158 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.44.180 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-44-180.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.175.18 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-175-18.eu-central-1.compute.amazonaws.com

rtb-eu.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

quick.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.211.97 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.205.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-205-213.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.28.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-28-31.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-36.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.173.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-173-64.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.73.89 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-73-89.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.206.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-206-68.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:b7e4:703:4793:ce15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.155.103 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-155-103.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.251.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-251-116.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.68.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-68-60.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.203.157 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-203-157.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	vidalytics.com quick.vidalytics.com — Cisco Umbrella Rank: 264776 stats.vidalytics.com — Cisco Umbrella Rank: 132774	17 MB
11	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 27362 licensing.bitmovin.com — Cisco Umbrella Rank: 8071	1 KB
11	floraspring.com floraspring.com	126 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685 sslwidget.criteo.com — Cisco Umbrella Rank: 1775 widget.us.criteo.com — Cisco Umbrella Rank: 18816 dis.criteo.com — Cisco Umbrella Rank: 731	14 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4135 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	7 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6074	885 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 227 secure.adnxs.com — Cisco Umbrella Rank: 424	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	13 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1040 rtb-eu.mfadsrvr.com — Cisco Umbrella Rank: 149376	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 674	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1344	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 296	509 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	880 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	234 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	137 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1074 pixel.quantserve.com — Cisco Umbrella Rank: 820	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	178 KB
2	treach-tutters.com 1 redirects treach-tutters.com	5 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1862	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 622	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2238	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4547	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 29967	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2293	406 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 692	583 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 774	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1348	886 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2642	275 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 443	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 878	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1264	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 379	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1892	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1302	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 550	357 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 351	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 612	802 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 953	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	15 KB
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 865	311 B
1	amazonaws.com s3.amazonaws.com	56 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	truthaboutabs.com 1 redirects links.truthaboutabs.com — Cisco Umbrella Rank: 889382	759 B
122	47

	Domain	Requested by
30	quick.vidalytics.com	floraspring.com quick.vidalytics.com
11	floraspring.com	floraspring.com
9	analytics-ingress-global.bitmovin.com	floraspring.com
5	gum.criteo.com	4 redirects static.criteo.net
5	www.google.de	floraspring.com
4	stats.vidalytics.com	floraspring.com
4	www.google.com	floraspring.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com floraspring.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	licensing.bitmovin.com	floraspring.com
2	www.facebook.com	floraspring.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	floraspring.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	floraspring.com www.googletagmanager.com
2	rtb.mfadsrvr.com	2 redirects
2	treach-tutters.com	1 redirects floraspring.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	floraspring.com
1	sslwidget.criteo.com	1 redirects
1	pixel.quantserve.com	floraspring.com
1	mug.criteo.com	floraspring.com
1	rules.quantcount.com	secure.quantserve.com
1	static.criteo.net	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	ce.lijit.com	floraspring.com
1	rtb-eu.mfadsrvr.com	1 redirects
1	s3.amazonaws.com	floraspring.com
1	fonts.googleapis.com	floraspring.com
1	links.truthaboutabs.com	1 redirects
122	59

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
treach-tutters.com
partners.pineapple.co

Subject Issuer	Validity	Valid
floraspring.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-25` - `2023-04-25`	3 months	crt.sh
treach-tutters.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-25`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-30` - `2023-12-31`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2022-05-03` - `2023-06-04`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Frame ID: 8AAEC6A0B87C7EF4D993C65B4E2CE8D3
Requests: 93 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag
Frame ID: C677C8DDA299ADD8A464811B5383A909
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 834BDE5870BA30BCBDBEE69BA2B5A2FA
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30
Frame ID: A7AECFD89541ACD12978745DD363B913
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Video - Limited Time Only!

Page URL History Show full URLs

https://links.truthaboutabs.com/a/90/click/9495633/743524746/_63b18d7e6b3c038e2860e87c09b5cf0142470c29/14064... HTTP 302
https://treach-tutters.com/531b55b2-6106-4265-929d-17563ec0c13d?a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie HTTP 302
https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLv... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

122
Requests

89 %
HTTPS

30 %
IPv6

47
Domains

59
Subdomains

53
IPs

10
Countries

18054 kB
Transfer

20815 kB
Size

62
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=KwmJQD4K
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact/?subject=Report%20an%20issue
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://treach-tutters.com/click/1?cep=aO0KXpEM4TMTJ7z5YX6HOs9rIXg4jLSNQYw0B-gRbGf0Qcswnqg-HtaOLaa6cRb7uR_hvDwRjD5kL_og1FMohiImgw1XyFJ5Th8XGFO2Cg0UEA9k08MhFBG-5I5UnQgR61k1AIXCD9fxZmETSLLn-0ENXHv_iN87dVkTYb7roAmLCeDMt_8YorClNag3i7yCVdNV5yf3kwqBCyUYNl8By6rdonUGhLHY7Hxvw5qeyDhJsZrj7roH5N5wkDvu_hAXjKwOB2HWUVCGulDF4-rkqArje7eb8chzs5RGZAGdgZJv63digOM-SBYWnWb4BeuFz6-djNhJUaOJ0LiP63ud_76UvVD9jxkV4hlj_Uu3pdJKw3rOXd6UZ_HWbD4-WCjnF2ppvdN2lZxg4c_C4iy_6gFgJvcDd25CYWijJvrfchaCGRqEB2TM4hHZjbV3MCiU1xByMCbyhY0zXhFiPAQl89SFrVu1bzQ0wVQuxPwVnsg&voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Title: See If You Qualify

Search URL Search Domain Scan URL

URL: https://partners.pineapple.co/affiliate-signup/
Title: Affiliate Signup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.truthaboutabs.com/a/90/click/9495633/743524746/_63b18d7e6b3c038e2860e87c09b5cf0142470c29/140644d4f9df088da49ff903eaf6d2b9c18ea763 HTTP 302
https://treach-tutters.com/531b55b2-6106-4265-929d-17563ec0c13d?a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie HTTP 302
https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://rtb.mfadsrvr.com/pixel?id=521041&type=img HTTP 302
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img HTTP 302
https://rtb-eu.mfadsrvr.com/sync?ssp=sovrn&initiator=me HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=9bd668a1-12bc-4a36-9b72-e93aa7d84e75

Request Chain 43

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pDGtsXw1bDB0WnphRjBoa05SejlLc1pqWmxqdWZJMU9UWEQ5RmlVbENYUVd3M0VoME42RkhIV1F0bG5tVjJSVzZuZkZ6a0t5VkwwTGdGY1VkS1JuSTExYnpEMFYvWEhGQTFPdHJXZVNiczlhS0p4TGlOV0hvaEMveXdCYnI5M3dqMkE0NXJHMnFkMWpUQyt3SVJqVlFYVWpERnVFL3BJcVJqQnVtTGlBRU4wRGNpZ3ZNU0ZzS28xV0RkMVFGclpud0VLVXg4TzQxQlViTm5XWVVnQUoxZFpZVFRJT3hMNzduQVQwbjFKNGVUMDlUNFNvSER5MGIwVm1rYnYwb25CYmpORkhxZjFacTRyK1FFSmc5NUJjajRSK25BUT09fA&cppv=2

Request Chain 52

https://sslwidget.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1aSjZFekZZeThoNU45OW1jT0lXeFp0R1BVQVdXOVMlMkZ4Z0FDRjZqdkslMkJDeWVHbjZRN1NQbmRtbGpKS2d6dU9ndXFMbVFDdkQzT2Ewb2hIQ2IxVmhZOG8lMkJmTDJLbUElM0QlM0Q&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fvoltrk%253D1%2526cep%253DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%2526lptoken%253D167e81f375bc56038709%2526a%253D2104%2526s1%253DNW_WL%2526s3%253Dv10_sE26%2526s4%253Dirollie&ceid=741ba54c-701e-4c43-a913-b0a97d36294b&dtycbr=40419 HTTP 302
https://widget.us.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1aSjZFekZZeThoNU45OW1jT0lXeFp0R1BVQVdXOVMlMkZ4Z0FDRjZqdkslMkJDeWVHbjZRN1NQbmRtbGpKS2d6dU9ndXFMbVFDdkQzT2Ewb2hIQ2IxVmhZOG8lMkJmTDJLbUElM0QlM0Q&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fvoltrk%253D1%2526cep%253DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%2526lptoken%253D167e81f375bc56038709%2526a%253D2104%2526s1%253DNW_WL%2526s3%253Dv10_sE26%2526s4%253Dirollie&ceid=741ba54c-701e-4c43-a913-b0a97d36294b&dtycbr=40419

Request Chain 65

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_cm&google_hm=ay14YTV3N09PclluR3E2dDh4dlBJZHV1UHVxNmxzSVZCUnlfYjN1Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_gid=CAESEBkPmtqkK0BE5J5z-CuOZ-c&google_cver=1&google_ula=913071,0

Request Chain 67

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3131620286781372695

Request Chain 68

https://secure.adnxs.com/setuid?entity=52&code=k-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q

Request Chain 76

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q&verify=true

Request Chain 79

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg&C=1

Request Chain 80

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l

Request Chain 82

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ

Request Chain 98

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GVbD-b-8ZQfbd8AVb-zTgJjdpwiSk6wO

Request Chain 100

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0pWDcZ20MT68yx3cJm7rIJebfsonNblU

122 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request aff_special20.php Show response
floraspring.com/z/
Redirect Chain

https://links.truthaboutabs.com/a/90/click/9495633/743524746/_63b18d7e6b3c038e2860e87c09b5cf0142470c29/140644d4f9df088da49ff903eaf6d2b9c18ea763
https://treach-tutters.com/531b55b2-6106-4265-929d-17563ec0c13d?a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5...

22 KB
7 KB

621ms
99ms

Document
text/html

149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

597d02d4f5a05cc796f278969cc5ae9a48262787ae2f6bbbb8e0c45425015bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6721
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 17:51:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-rc
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 17 Apr 2023 17:51:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
pragma: no-cache
server: nginx

GET
H2 200 bootstrap.min.css
floraspring.com/z/inc/ 110 KB
17 KB 88ms
87ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/bootstrap.min.css

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-1b9ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 48ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37d1d818e031f1762b00e3a53170580e4aaa448dcb34a34d1f865dcf84038da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 17:28:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 17:51:28 GMT

GET
H2 200 buy-safe.css
floraspring.com/z/inc/ 534 B
428 B 88ms
88ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/buy-safe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-216"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 jquery-ui.min.css
floraspring.com/css/ 28 KB
7 KB 89ms
88ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/css/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-718e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 ouibounce.min.css
floraspring.com/z/css/ 2 KB
844 B 89ms
88ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/css/ouibounce.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-98c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 vsl.css
floraspring.com/css/ 3 KB
1 KB 89ms
88ms Stylesheet
text/css 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/css/vsl.css?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 17:21:19 GMT
server: nginx-rc
etag: W/"626c1e8f-ca6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H/1.1 200
OK thumb6.jpg
s3.amazonaws.com/flora-spring/ 56 KB
56 KB 386ms
156ms Image
image/jpeg 52.217.105.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/flora-spring/thumb6.jpg
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 17:51:29 GMT
Last-Modified: Fri, 19 Jun 2020 14:28:38 GMT
Server: AmazonS3
x-amz-request-id: 8S4H3SRYBBJN6KZX
ETag: "5903f97d5c1477d254c8f417bdd6cdd3"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 57352
x-amz-id-2: j2THmpYRnDpMgnKB2T5/MruIhPFAPi9QtsmGgFOPlBPy8xzh7lNYiy1+s4M3N5zm+N6X0psioR4=

GET
H2 200 jquery.js Show response
floraspring.com/z/inc/ 82 KB
28 KB 128ms
127ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/jquery.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-147a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 jquery-ui.min.js Show response
floraspring.com/js/ 246 KB
63 KB 128ms
127ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/js/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-3d8ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 ouibounce.min.js Show response
floraspring.com/z/js/ 2 KB
969 B 129ms
128ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/js/ouibounce.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-658"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 fadeInOut.js Show response
floraspring.com/z/inc/ 118 B
350 B 129ms
128ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/z/inc/fadeInOut.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://rtb.mfadsrvr.com/pixel?id=521041&type=img
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img
https://rtb-eu.mfadsrvr.com/sync?ssp=sovrn&initiator=me
https://ce.lijit.com/merge?pid=87&3pid=9bd668a1-12bc-4a36-9b72-e93aa7d84e75

0
311 B

298ms
15ms

Image
text/plain

216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=9bd668a1-12bc-4a36-9b72-e93aa7d84e75
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:29 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=9bd668a1-12bc-4a36-9b72-e93aa7d84e75
Date: Mon, 17 Apr 2023 17:51:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
99 KB 61ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

807a6b0d8e78e705b80e119e889c5f3749fa8187a553300e63d678de36b80343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101168
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:05:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Apr 2023 17:51:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Apr 2023 16:35:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4546
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 17 Apr 2023 18:35:42 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 97ms
13ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 24 Apr 2023 17:51:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 3 KB
2 KB 124ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1681753888736&cv=11&fst=1681753888736&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&hn=www.googleadservices.com&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1818830292.1681753889&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce393603cb15180fdcf9a370abd6637b3f36e200696ac06fdf4031e43fa5da58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1626
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 111ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Apr 2023 17:51:28 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF55649DA457401790743E3EB148B1D5 Ref B: FRA31EDGE0113 Ref C: 2023-04-17T17:51:28Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 3 KB
2 KB 122ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1681753888742&cv=11&fst=1681753888742&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&hn=www.googleadservices.com&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1818830292.1681753889&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b57ec36b8c0197cb51e5c02be2f2262ca7043867889f482275ef9b5e209b36a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/ 3 KB
2 KB 122ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/?random=1681753888743&cv=11&fst=1681753888743&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&hn=www.googleadservices.com&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=1818830292.1681753889&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57b04a5b9fa8c77ceb14fffc791db876e27cb93887de9e9f45430e3be51777d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 44 KB
15 KB 159ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

6d1eadaea40a2f254cd8467e61254c36f506788d237ab6cb64cb575a5b7aab0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 30 Mar 2023 09:08:39 GMT
server: nginx
etag: W/"64255197-aff6"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Apr 2023 17:51:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 68ms
2ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Apr 2023 17:51:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: CIWiKQ3b+78k7RtoQq/z262Hpx43TPUzOqu2v1UxW98Qls/S7juG2Y28MQY9+TCMJuiyqZhv/GrwcYUXxD6Z6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
78 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1525d309743634d1e6d47fda69f98e750485cbbffb3d0539f849e1b1cce1d24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Apr 2023 17:51:28 GMT

GET
H2 200 .js Show response
treach-tutters.com/d/ 3 KB
3 KB 158ms
137ms Script
application/javascript 18.192.108.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&lpt=Free%20Video%20-%20Limited%20Time%20Only!&vtm=1681753888787
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.192.108.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a16407d197ce52d3cbccd4e4d63ea01b6c9e6159af4ea021e728c1b3216a9479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
server: nginx
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3132
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 38ms
32ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=216466619&t=pageview&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&ul=en-us&de=UTF-8&dt=Free%20Video%20-%20Limited%20Time%20Only!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1947773895&gjid=1157726331&cid=1091778365.1681753889&tid=UA-113385709-1&_gid=277881799.1681753889&_r=1&_slc=1&gtm=45He34c0n81MR9ZK4G&cd4=2104&z=1284494139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 57ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=45je34c0&_p=216466619&_gaz=1&cid=1091778365.1681753889&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&sid=1681753888&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&en=page_view&_fv=1&_ss=1&epn.page_height=749&ep.fb_pixel_id=875470023133343&ep.event_id=1681754677062_16817542548431&ep.a_affiliate_id=2104
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 70ms
21ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JM1YLT9HG3&cid=1091778365.1681753889&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 92ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JM1YLT9HG3&cid=1091778365.1681753889&gtm=45je34c0&aip=1&z=958004923

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 54ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113385709-1&cid=1091778365.1681753889&jid=1947773895&gjid=1157726331&_gid=277881799.1681753889&_u=YEBAAEAAAAAAACAAI~&z=442138966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Apr 2023 17:51:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 875470023133343 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 223ms
222ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/875470023133343?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

297419996bdc9dd8998d9b21244fdca2feb386d0681543b5fcc10511d92b2b50

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Apr 2023 17:51:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lFa/9jAm2LHyzbjNgY9ZSN7Dv0KdCzpuDXc4MvyR80EVwscQInrRS8QFj+f2gPtrkNzOl+YwFxISZ8aFx7EH2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stop-pop.min2.js Show response
floraspring.com/js/ 3 KB
1 KB 88ms
86ms Script
application/javascript 149.28.34.111
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://floraspring.com/js/stop-pop.min2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.34.111.vultrusercontent.com

Software

nginx-rc /

Resource Hash

58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 13:12:45 GMT
server: nginx-rc
etag: W/"626006cd-ae7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 May 2023 17:51:28 GMT

GET
H2 200 loader.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/ 41 KB
11 KB 252ms
159ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/loader.min.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b6dbdd4656483b17e06e45f35c609c203a7d3ae3042d29490c17c091fe5d4b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Mon, 17 Apr 2023 17:51:29 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 0
x-guploader-uploadid: ADPycdvmqk2aiMuAvHMfj0UwUHxQEPtHMLMkkIuOMvh14gpGc6RapY2K8CCecBvvNPKzExpMtZjgY3ELMO8B0RoIYeRaEA
x-cache: MISS, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10449
x-served-by: cache-iad-kiad7000044-IAD, cache-fra-eddf8230108-FRA
last-modified: Thu, 15 Dec 2022 10:16:29 GMT
server: UploadServer
x-timer: S1681753889.013959,VS0,VE132
x-cdn-info: loader
etag: "454fe68f62adae939012a331815be094"
vary: Accept-Encoding
x-goog-generation: 1671099389080239
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=j1ju0w==, md5=RU/mj2KtrpOQEqMxgVvglA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=180, s-maxage=180
x-goog-stored-content-length: 10449
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 rules-p-rXRXmwZSu3n0s.js Show response
rules.quantcount.com/ 1 KB
1 KB 504ms
441ms Script
application/javascript 2600:9000:223c:6400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-rXRXmwZSu3n0s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:53:35 GMT
server: AmazonS3
etag: W/"4616f68031e96be3102ecbcf8f921399"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 9UGcMY9Mu9z8EW2YdWDmNKBBxY2jDw9sYTPQNqc_wmDRGsxX2irI4Q==

GET
H2 204 56270944.js Show response
bat.bing.com/p/action/ 0
119 B 104ms
104ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56270944.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 17 Apr 2023 17:51:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2E2DEDDBF7A4CF496E18546C475AB4C Ref B: FRA31EDGE0113 Ref C: 2023-04-17T17:51:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 42ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56270944&Ver=2&mid=f7155534-ab44-4286-ad4b-17f54d83bed5&sid=7b0069c0dd4811edb0a6492bc625c577&vid=7b00b520dd4811ed9abf0b36d4913b29&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Video%20-%20Limited%20Time%20Only!&p=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&r=&lt=2148&evt=pageLoad&sv=1&rn=411489

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 17:51:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD415B8A01FD4BE1982B233AB0E65291 Ref B: FRA31EDGE0113 Ref C: 2023-04-17T17:51:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693528767/ 42 B
455 B 74ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693528767/?random=1681753888742&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=3655062122&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693528767/ 42 B
108 B 27ms
25ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693528767/?random=1681753888742&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=3655062122&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/332385166/ 42 B
108 B 74ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/332385166/?random=1681753888743&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=3572696081&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/332385166/ 42 B
455 B 25ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/332385166/?random=1681753888743&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=3572696081&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693528767/ 42 B
108 B 73ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693528767/?random=1681753888736&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=2576619609&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693528767/ 42 B
108 B 26ms
26ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693528767/?random=1681753888736&cv=11&fst=1681750800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsq&frm=0&tiba=Free%20Video%20-%20Limited%20Time%20Only!&fmt=3&is_vtc=1&random=2576619609&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 79ms
45ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113385709-1&cid=1091778365.1681753889&jid=1947773895&_u=YEBAAEAAAAAAACAAI~&z=1341562401

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113385709-1&cid=1091778365.1681753889&jid=1947773895&_u=YEBAAEAAAAAAACAAI~&z=1341562401

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C677 15 KB
6 KB 97ms
56ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://floraspring.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 17:51:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 565667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C677
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pDGtsXw1bDB0WnphRjBoa05SejlLc1pqWmxqdWZJMU9UWEQ5RmlVbENYUVd3M0VoME42RkhIV1F0bG5tVjJSVzZuZkZ6a0t5VkwwTGdGY1VkS1JuSTExYnpEMFYvWEhGQTFPdHJXZVNiczlhS0p4TGlOV0hvaEMveXdCYn...

420 B
669 B

157ms
24ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pDGtsXw1bDB0WnphRjBoa05SejlLc1pqWmxqdWZJMU9UWEQ5RmlVbENYUVd3M0VoME42RkhIV1F0bG5tVjJSVzZuZkZ6a0t5VkwwTGdGY1VkS1JuSTExYnpEMFYvWEhGQTFPdHJXZVNiczlhS0p4TGlOV0hvaEMveXdCYnI5M3dqMkE0NXJHMnFkMWpUQyt3SVJqVlFYVWpERnVFL3BJcVJqQnVtTGlBRU4wRGNpZ3ZNU0ZzS28xV0RkMVFGclpud0VLVXg4TzQxQlViTm5XWVVnQUoxZFpZVFRJT3hMNzduQVQwbjFKNGVUMDlUNFNvSER5MGIwVm1rYnYwb25CYmpORkhxZjFacTRyK1FFSmc5NUJjajRSK25BUT09fA&cppv=2

Requested by

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3ddc70311a348318343800efc5ae331b7c559d57f73a233a26a19325d0d29bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1394775
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pDGtsXw1bDB0WnphRjBoa05SejlLc1pqWmxqdWZJMU9UWEQ5RmlVbENYUVd3M0VoME42RkhIV1F0bG5tVjJSVzZuZkZ6a0t5VkwwTGdGY1VkS1JuSTExYnpEMFYvWEhGQTFPdHJXZVNiczlhS0p4TGlOV0hvaEMveXdCYnI5M3dqMkE0NXJHMnFkMWpUQyt3SVJqVlFYVWpERnVFL3BJcVJqQnVtTGlBRU4wRGNpZ3ZNU0ZzS28xV0RkMVFGclpud0VLVXg4TzQxQlViTm5XWVVnQUoxZFpZVFRJT3hMNzduQVQwbjFKNGVUMDlUNFNvSER5MGIwVm1rYnYwb25CYmpORkhxZjFacTRyK1FFSmc5NUJjajRSK25BUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 387367
content-length: 0
expires: 0

GET
H3 200 player-dash-mse.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/ 2 MB
498 KB 34ms
12ms XHR
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/player-dash-mse.min.js?hash=hlpsjzei
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/loader.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 021a49ce08e0220356b9875ad59dd99b126e8e24d01df205919e4d5e6a3b2651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 06 May 2023 08:17:04 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 984864
x-guploader-uploadid: ADPycduLBA16XZHBO1lfO0lpSU68IqHAJjovHVFzb-ir2MYBPCcFnzNXHsb5oh7QF0cRr907pbSPMM30tjz1Ft2WMpQsLQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 508795
x-served-by: cache-iad-kiad7000142-IAD, cache-fra-eddf8230047-FRA
last-modified: Thu, 15 Dec 2022 10:16:29 GMT
server: UploadServer
x-timer: S1681753889.206035,VS0,VE3
etag: "35d1f366a38ade6eee03619290a5a408"
vary: Accept-Encoding
x-goog-generation: 1671099389474886
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=sdVjjw==, md5=NdHzZqOK3m7uA2GSkKWkCA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 508795
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 42ms
11ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=875470023133343&ev=PageView&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&rl=&if=false&ts=1681753889210&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681753889209.1548130425&it=1681753888908&coo=false&eid=1681754677062_16817542548431&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 17:51:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
373 B 376ms
133ms XHR
image/gif 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=KwmJQD4K
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
server: istio-envoy
etag: "KwmJQD4K/dnVTBAIGBce9VRu1"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 15
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
378 B 51ms
22ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
451 B 267ms
237ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 21ms
20ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:28 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2 200 pixel;r=79558483;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRL...
pixel.quantserve.com/ 35 B
372 B 45ms
19ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=79558483;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie;uht=2;fpan=1;fpa=P0-1353968974-1681753888931;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=floraspring.com;dst=0;et=1681753889539;tzo=0;ogl=;ses=45ee0011-d82b-46c2-bc7e-7563604e08e0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 stream.mpd Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/ 6 KB
6 KB 11ms
10ms XHR
application/dash+xml 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/stream.mpd
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b552c41452c73a75231ffb2bc6d7e14a6182e0d1e1800f68753e8f6d6e67ed50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 11:32:59 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 541111
x-guploader-uploadid: ADPycduEQdXaPzKmFRVs_dI25ssW6ZiH-8oR2rkKQsUQygsYRx5KxndBibAo94DykaY_keg4cn3JkYl9BeByQz2a5nGyU6eHKGyA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5841
x-served-by: cache-iad-kiad7000081-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:52:17 GMT
server: UploadServer
x-timer: S1681753890.554039,VS0,VE1
etag: "18e6a25085dceb81070af1b56735493a"
x-goog-generation: 1652291537378848
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-hash: crc32c=LRUdAw==, md5=GOaiUIXc64EHCvG1ZzVJOg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 5841
accept-ranges: bytes
x-cache-hits: 40, 1

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1...
https://widget.us.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1...

8 KB
4 KB

405ms
113ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1aSjZFekZZeThoNU45OW1jT0lXeFp0R1BVQVdXOVMlMkZ4Z0FDRjZqdkslMkJDeWVHbjZRN1NQbmRtbGpKS2d6dU9ndXFMbVFDdkQzT2Ewb2hIQ2IxVmhZOG8lMkJmTDJLbUElM0QlM0Q&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fvoltrk%253D1%2526cep%253DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%2526lptoken%253D167e81f375bc56038709%2526a%253D2104%2526s1%253DNW_WL%2526s3%253Dv10_sE26%2526s4%253Dirollie&ceid=741ba54c-701e-4c43-a913-b0a97d36294b&dtycbr=40419

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fa4339bbacfb4be2bb3e9b887570ab0b61acb8e9036c459da1f042ac0f7dc5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20108583
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=77723&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1aSjZFekZZeThoNU45OW1jT0lXeFp0R1BVQVdXOVMlMkZ4Z0FDRjZqdkslMkJDeWVHbjZRN1NQbmRtbGpKS2d6dU9ndXFMbVFDdkQzT2Ewb2hIQ2IxVmhZOG8lMkJmTDJLbUElM0QlM0Q&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fvoltrk%253D1%2526cep%253DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%2526lptoken%253D167e81f375bc56038709%2526a%253D2104%2526s1%253DNW_WL%2526s3%253Dv10_sE26%2526s4%253Dirollie&ceid=741ba54c-701e-4c43-a913-b0a97d36294b&dtycbr=40419
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13662210
timing-allow-origin: *
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/640x360_h264_420624/ 673 B
1 KB 10ms
10ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/640x360_h264_420624/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27736a2d115a9af0a0692cb562dccca0615258de0ca24102e8c90d24b1c9f276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 11:59:07 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 539543
x-guploader-uploadid: ADPycdvwH7LuZuhIJ6Xs_-EMzzQwCcOSYbUeaWSnqub-kHxVDOpigjqxKjAoP0-BWBeGbNkQuaM5mrb81Mr6imWzye4sFvQojpKa
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 673
x-served-by: cache-iad-kiad7000125-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:02 GMT
server: UploadServer
x-timer: S1681753890.611216,VS0,VE1
etag: "8abf77226e6973a9c9023c52592f91b3"
x-goog-generation: 1652290982033416
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=K+N+bA==, md5=ir93Im5pc6nJAjxSWS+Rsw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 673
accept-ranges: bytes
x-cache-hits: 15, 1

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 606 B
1 KB 11ms
10ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 08:17:08 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 984862
x-guploader-uploadid: ADPycdtIACYcOmIsNh1PCDTmzD6PdlkFuBDY79w2JGb1wahcESqD941Ql82fxzupJfIkXnlqExjwwwWa_1HN1NJrL5cPU8v4lfkj
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 606
x-served-by: cache-iad-kjyo7100026-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753890.611388,VS0,VE1
etag: "af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation: 1652291040020148
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 606
accept-ranges: bytes
x-cache-hits: 77, 1

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 834B 0
49 B 12ms
11ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://floraspring.com
Referer: https://floraspring.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://floraspring.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 17:51:29 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
83 B 119ms
118ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:29 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H3 200 s_0.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/640x360_h264_420624/ 202 KB
203 KB 13ms
13ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/640x360_h264_420624/s_0.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aab9cf176aff145f388add98d5acd8b9dd3ba58e7603439e4ab8eb0457a5e4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 07 Apr 2024 23:04:51 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 326798
x-guploader-uploadid: ADPycdvxqVwAy8WVJBaVUTTGx8WEmiDqjVgpbKSOLki08j-ZI7gU9XTEXPJlMRvvjk6Lvw9FsB0QRTdw14QFrRXXU1dQUI_BpJBF
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 206613
x-served-by: cache-iad-kcgs7200048-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:02 GMT
server: UploadServer
x-timer: S1681753890.864601,VS0,VE3
etag: "02f7fbfd778d0d5b59fad440efca165f"
x-goog-generation: 1652290982252985
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=0eKONg==, md5=Avf7/XeNDVtZ+tRA78oWXw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 206613
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H3 200 s_0.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
48 KB 11ms
10ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_0.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 23 Mar 2024 14:37:27 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1653243
x-guploader-uploadid: ADPycdvgvrYSJzuAJ5ZxkRjxR5J_-NUJcl_6MJiSQvRN5jvfttII47BKvvRE-Z_RzNai8v2uotl3kVXhp5bZcvK9uUD0CFcBswr2
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 48229
x-served-by: cache-iad-kiad7000078-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753890.864791,VS0,VE2
etag: "135b54826bb6e72afeb944dfac225f94"
x-goog-generation: 1652291040227519
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=FWC8tw==, md5=E1tUgmu25yr+uUTfrCJflA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 48229
accept-ranges: bytes
x-cache-hits: 164, 1

GET
H3 200 s_1.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 11ms
10ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_1.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 21:19:57 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 937892
x-guploader-uploadid: ADPycdvDQALipdmewjdka_UStrGileYIRWe870EWVhI4xHhBR2Si_mBshwhnigbVvCpn3SF_wWGlJHEcTpyrGMKbEpsHNQnaQR3y
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47809
x-served-by: cache-iad-kcgs7200102-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753890.905578,VS0,VE2
etag: "c786954026d6c2817d26bf16b8667ecb"
x-goog-generation: 1652291040318459
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=HZAPjw==, md5=x4aVQCbWwoF9Jr8WuGZ+yw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47809
accept-ranges: bytes
x-cache-hits: 32, 1

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 24ms
23ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

GET
H3 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 672 B
1 KB 9ms
9ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/init.mp4
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 06:00:16 GMT
date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 561073
x-guploader-uploadid: ADPycdtGuVl5hiCsDB79lVFZxuNRO43gpwLPT9IxIKpCNwiNeNlt124RBCrzLWE7D4s0LctUWuAlCY_unKxxAxTkdoCZXMC5d93c
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 672
x-served-by: cache-iad-kjyo7100121-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:03 GMT
server: UploadServer
x-timer: S1681753890.921813,VS0,VE1
etag: "de0beafa3fb2e7422536c42656474052"
x-goog-generation: 1652290982942256
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=adaXuw==, md5=3gvq+j+y50IlNsQmVkdAUg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 672
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
57 B 117ms
116ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:29 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame A7AE
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30

43 B
345 B

13ms
12ms

Image
image/gif

3.67.205.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30
Protocol: H2
Server: 3.67.205.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-205-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F5ECT-OrYnGq6t8xvPIduuPuq6numCBw_rJ_rQ&expires=30
date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A7AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_cm&google_hm=ay14YTV3N09PclluR3E2dDh4dlBJZHV1UHVxNmxzSVZCU...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_gid=CAESEBkPmtqkK0BE5J5z-CuOZ-c&google_cver=1&google_ula=913071,0

43 B
369 B

23ms
22ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_gid=CAESEBkPmtqkK0BE5J5z-CuOZ-c&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 624332
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xa5w7OOrYnGq6t8xvPIduuPuq6lsIVBRy_b3ug&google_gid=CAESEBkPmtqkK0BE5J5z-CuOZ-c&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A7AE
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3131620286781372695

43 B
370 B

22ms
22ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3131620286781372695

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1266039
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 17 Apr 2023 17:51:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.199; 80.255.10.199; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0910852f-9be6-4928-8e46-0e0fd1816fa2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3131620286781372695
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame A7AE
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:30 GMT
AN-X-Request-Uuid: 5ea9c12e-7337-4ebd-b646-506ee2e5c3c2
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.199; 80.255.10.199; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:30 GMT
AN-X-Request-Uuid: 8eda8367-3bbf-42fa-9240-177b8d474158
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-onYeNOOrYnGq6t8xvPIduuPuq6lWIQdxwESB_Q
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.199; 80.255.10.199; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame A7AE 61 B
802 B 98ms
47ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-D8YJyuOrYnGq6t8xvPIduuPuq6nP2xUec8QjaQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 17:51:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 17 Apr 2023 17:51:30 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame A7AE 0
239 B 63ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-GP5bVuOrYnGq6t8xvPIduuPuq6nmz5ZJEgiuIQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame A7AE 0
357 B 78ms
7ms Image
text/plain 35.158.28.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-CBQdMuOrYnGq6t8xvPIduuPuq6nN1TxUgNwqkw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.28.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-28-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A7AE 43 B
163 B 143ms
21ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vEgeDeOrYnGq6t8xvPIduuPuq6nhTwEYU4b4Ow
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A7AE 0
99 B 836ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-1xJfMeOrYnGq6t8xvPIduuPuq6kF0jCCHLePnw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13013

GET
H2 200 um
criteo-sync.teads.tv/ Frame A7AE 23 B
172 B 101ms
36ms Image
image/gif 2.23.197.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-nlLnwOOrYnGq6t8xvPIduuPuq6n0givZmFXhDQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Mon, 17 Apr 2023 17:51:30 GMT
pragma: no-cache
date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame A7AE 37 B
140 B 84ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-RWqgYeOrYnGq6t8xvPIduuPuq6mW-jHCYT5Shg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame A7AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q&verify=true

0
121 B

12ms
12ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8Amx9eOrYnGq6t8xvPIduuPuq6nywPAzmcx82Q&verify=true
date: Mon, 17 Apr 2023 17:51:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame A7AE 43 B
163 B 82ms
22ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-FHH4CeOrYnGq6t8xvPIduuPuq6keaKdVnX6hyw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19cc-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame A7AE 49 B
235 B 81ms
24ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-8As8p-OrYnGq6t8xvPIduuPuq6k1jsrRJqMBbw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame A7AE
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg&C=1

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-gr5RGOOrYnGq6t8xvPIduuPuq6mZ6e6O0-Bkzg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A7AE
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l

42 B
942 B

140ms
140ms

Image
image/gif

54.154.173.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l

Protocol

HTTP/1.1

Server

54.154.173.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-173-64.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v047-0f30d8911.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: keFE9cSqTCM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v047-0a9d00a32.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JhHlh+tKSNw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ifMXYfMh9oQTqcxQ2Tyn0bJJruXZ1Y4l
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame A7AE 43 B
1 KB 41ms
15ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-GD1UGeOrYnGq6t8xvPIduuPuq6lzKoOWMrOLgw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 17 Apr 2023 17:51:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame A7AE
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ

43 B
447 B

32ms
32ms

Image
image/gif

18.203.73.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ
Protocol: H2
Server: 18.203.73.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-73-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:30 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-nJ1QieOrYnGq6t8xvPIduuPuq6naS10izefKyQ
access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame A7AE 42 B
275 B 74ms
36ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-caaR8-OrYnGq6t8xvPIduuPuq6mp_w658mR6Cw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame A7AE 0
886 B 64ms
10ms Image
text/html 35.156.206.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-7Wd8LeOrYnGq6t8xvPIduuPuq6nwS7jZwR96QA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.206.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-206-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame A7AE 0
145 B 476ms
95ms Image
text/plain 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZDmJ9uOrYnGq6t8xvPIduuPuq6k-4dMGwUSjRQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 17:51:30 GMT
Cache-Control: no-cache
X-TraceId: 39e9a10f69c02799a7ba2ec6ad95ce91
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A7AE 42 B
583 B 84ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-vcFrPOOrYnGq6t8xvPIduuPuq6lLfcRRuvzKKQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 17 Apr 2023 17:51:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame A7AE 43 B
406 B 316ms
91ms Image
image/gif 2600:1f18:612b:4280:b7e4:703:4793:ce15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-9u5treOrYnGq6t8xvPIduuPuq6nbpcMtHAUmBg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:b7e4:703:4793:ce15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 17 Apr 2023 17:51:30 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame A7AE 43 B
153 B 70ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-CHyxBOOrYnGq6t8xvPIduuPuq6k9ryz5wCpTaQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:30 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A7AE 0
400 B 83ms
36ms Image
text/plain 2.22.155.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-xaZdu-OrYnGq6t8xvPIduuPuq6mPR3Tz189bvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.155.103 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 17:51:30 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 16 Apr 2023 17:51:30 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame A7AE 0
38 B 201ms
33ms Image
text/plain 54.77.251.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-YV7E4eOrYnGq6t8xvPIduuPuq6nGWel-leFyxg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.251.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-251-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
content-length: 0

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 20ms
19ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 23ms
21ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 22ms
20ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 27ms
26ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 23ms
23ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:29 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H3 200 s_1.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 111ms
111ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_1.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 34e8b99a2574c4748d63c313657e192faaf6be39a42d38868f0d2eb8c5e8a374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Mon, 08 Apr 2024 05:37:24 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 303245
x-guploader-uploadid: ADPycdto7g0_yepdE2BB9ITcxs1u0PuHLpirKMffyYerg-KdyyBYwJfdQabf_bIxXOQhNATiVtqp0CeJmzwWskuny9Kk-WY17PAO
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1526716
x-served-by: cache-iad-kcgs7200045-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:42:41 GMT
server: UploadServer
x-timer: S1681753890.172314,VS0,VE103
etag: "d4cd0af847817be6dc0330817a585c7e"
x-goog-generation: 1652290961682672
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=7deM4A==, md5=1M0K+EeBe+bcAzCBelhcfg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1526716
accept-ranges: bytes
x-cache-hits: 62, 0

GET
H3 200 s_2.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 46 KB
47 KB 15ms
14ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_2.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 23 Mar 2024 14:37:29 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1653241
x-guploader-uploadid: ADPycdu_lAR5z_RTF7rbNdpK063ULA5jeacUgOvLe6Ty2mdydGo69lyGJ3WWrN4SZN9yySOAoUMkShtYIED_Yb0y-mdihg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47444
x-served-by: cache-iad-kjyo7100162-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753890.413833,VS0,VE3
etag: "027f5e63597d0cd34bd866926e28682c"
x-goog-generation: 1652291040519076
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=OsyoNQ==, md5=An9eY1l9DNNL2GaSbihoLA==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47444
accept-ranges: bytes
x-cache-hits: 124, 1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A7AE
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GVbD-b-8ZQfbd8AVb-zTgJjdpwiSk6wO

0
338 B

148ms
32ms

Image
text/plain

52.211.68.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GVbD-b-8ZQfbd8AVb-zTgJjdpwiSk6wO
Protocol: H2
Server: 52.211.68.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-68-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1681753890
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GVbD-b-8ZQfbd8AVb-zTgJjdpwiSk6wO
date: Mon, 17 Apr 2023 17:51:29 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 928851
content-length: 0

GET
H3 200 s_2.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 104ms
104ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_2.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ba014cd60f64ed0c76bde747b1cb6c8e82e809bf3330cd8b73885f50e170df39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 14:01:41 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 964189
x-guploader-uploadid: ADPycdvadejFWp406tuIOHVM_TH_jbNB3Wh53y8MaokEZ13FqUAh8d1PpVtoU5wLtF3nhu-woKmtL7FyqQVCKq5Kg6B1YA
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1510441
x-served-by: cache-iad-kcgs7200039-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:02 GMT
server: UploadServer
x-timer: S1681753890.435881,VS0,VE95
etag: "eeb7a95ca685531ee41cb81ccc7be919"
x-goog-generation: 1652290982825996
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=g1UT4w==, md5=7repXKaFUx7kHLgczHvpGQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1510441
accept-ranges: bytes
x-cache-hits: 135, 0

GET
H2

200

cs
s.thebrighttag.com/ Frame A7AE
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0pWDcZ20MT68yx3cJm7rIJebfsonNblU

35 B
268 B

376ms
107ms

Image
image/gif

3.130.203.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0pWDcZ20MT68yx3cJm7rIJebfsonNblU
Protocol: H2
Server: 3.130.203.157 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-203-157.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:30 GMT
x-bt-requestid: 7c30f340-dd48-11ed-9b8a-0000ac170312
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0pWDcZ20MT68yx3cJm7rIJebfsonNblU
date: Mon, 17 Apr 2023 17:51:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 3490506
content-length: 0

GET
H3 200 s_3.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 10ms
9ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_3.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 01 Mar 2024 06:47:21 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 3582248
x-guploader-uploadid: ADPycdsvKoFFWEFH8btu29yUTG3mHfZkobA7GX2JmQUt3VEtAnAaDmXsy1VWmrNt6tYkCb7lw6LG06lbbQ8XMLicurq2NG7Q61AO
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47632
x-served-by: cache-iad-kjyo7100176-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753891.630057,VS0,VE2
etag: "e83b84a3e3d924d37ecac841a8053733"
x-goog-generation: 1652291040649159
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=KzxaJw==, md5=6DuEo+PZJNN+yshBqAU3Mw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47632
accept-ranges: bytes
x-cache-hits: 39, 1

GET
H3 200 s_3.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 104ms
104ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_3.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: efc301d09208db103d96a40b70934b55ff649ca91802415fe18542deb2465a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 06 Apr 2024 04:53:43 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 478667
x-guploader-uploadid: ADPycdu8rv9bJ-S9BcrkEQ6t7wnONnXs_Rh7ZQRj5hj-oMVAjGXghsQRapFP7IPAFB5tc_qwQtOROKa6e9CVonKhB-T2Isemtjjn
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1558281
x-served-by: cache-iad-kiad7000112-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:42:56 GMT
server: UploadServer
x-timer: S1681753891.647202,VS0,VE95
etag: "32dc0f2b35fccab293d3b48e4ebfab5f"
x-goog-generation: 1652290976469524
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Z1e0ig==, md5=MtwPKzX8yrKT07SOTr+rXw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1558281
accept-ranges: bytes
x-cache-hits: 75, 0

GET
H3 200 s_4.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 46 KB
47 KB 10ms
10ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_4.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 23:29:55 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1966895
x-guploader-uploadid: ADPycds4rgLu4v8vD22UVUIHfCcBC2odnGzM8Q7KDnXmRV-hg0YN0SXH49JnB72a-x9fbHQPKner4Fu0buWUgDG-3k_nhTiEMWiv
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47559
x-served-by: cache-iad-kcgs7200069-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:00 GMT
server: UploadServer
x-timer: S1681753891.839422,VS0,VE2
etag: "52254416c3e8d1bb3d82d6c38ade92aa"
x-goog-generation: 1652291040844801
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=nOl6lw==, md5=UiVEFsPo0bs9gtbDit6Sqg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47559
accept-ranges: bytes
x-cache-hits: 148, 1

GET
H3 200 s_4.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 111ms
110ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_4.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0fb819ab3895940a9f1f009d6413723d7666f84195c09b2485c9a750b627e081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Thu, 11 Apr 2024 04:06:35 GMT
date: Mon, 17 Apr 2023 17:51:30 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 49496
x-guploader-uploadid: ADPycdtE88YFqUarQncDtC3NCO_sEZBLl8lkEAPXA-1u6aLzvLGp1JcVKu4CLNSfju6DP1PzhU89-UfAv7q3dQotksDy
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1562742
x-served-by: cache-iad-kcgs7200129-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:04 GMT
server: UploadServer
x-timer: S1681753891.855823,VS0,VE95
etag: "785a88136c6985f90a907c2af61006ce"
x-goog-generation: 1652290984040489
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Z74A5A==, md5=eFqIE2xphfkKkHwq9hAGzg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1562742
accept-ranges: bytes
x-cache-hits: 8, 0

GET
H3 200 s_5.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 11ms
11ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_5.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 08:17:17 GMT
date: Mon, 17 Apr 2023 17:51:31 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 984853
x-guploader-uploadid: ADPycdv7voiU8SZwqWfjLxQ2NoKPf29gu1CXIX9p4delAj0TnKexdTfsM3VFLuNqVifn2X2az2FbZoKsu6-t4Il5Trcju1MEjJiw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47774
x-served-by: cache-iad-kcgs7200162-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753891.083071,VS0,VE1
etag: "69a3db45d573c7234179eadc2a8b883d"
x-goog-generation: 1652291041016182
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=ABxFgA==, md5=aaPbRdVzxyNBeercKouIPQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47774
accept-ranges: bytes
x-cache-hits: 70, 1

GET
H3 200 s_5.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 108ms
107ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_5.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 05669f6021b27b1343d566e296264c8311dc89fb5199de61b983d59d97c13d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Tue, 09 Apr 2024 01:40:05 GMT
date: Mon, 17 Apr 2023 17:51:31 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 231086
x-guploader-uploadid: ADPycdvjvKBAopYep8aOG1E1J-HWyGXBiCzmMaFpT26VoT-I9edYMzig2sFUNX2l1smyQ8UpOxHzJcU9GPbWGWsZ9dti67M2sBc_
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1492124
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:03 GMT
server: UploadServer
x-timer: S1681753891.099730,VS0,VE97
etag: "5326ae272f5f3503145bb5f0cb3b3dd9"
x-goog-generation: 1652290983209073
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=ynZyRA==, md5=UyauJy9fNQMUW7Xwyzs92Q==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1492124
accept-ranges: bytes
x-cache-hits: 39, 0

GET
H3 200 s_6.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 46 KB
47 KB 11ms
10ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_6.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Wed, 03 Apr 2024 17:02:22 GMT
date: Mon, 17 Apr 2023 17:51:31 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 694148
x-guploader-uploadid: ADPycdtZuf821XfAblk0S6hw23uA49o06iTCVs8KeLomZS8JSRZYfFcyTb9kDOpnn1JYtb5qm1AzstjpqP-VMmNqWdiMlx7Jp8jb
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47367
x-served-by: cache-iad-kjyo7100099-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753891.343126,VS0,VE2
etag: "d92db29fa571ce2aad9c31b8cb99d7c6"
x-goog-generation: 1652291041156499
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=VsCUXQ==, md5=2S2yn6VxziqtnDG4y5nXxg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47367
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H3 200 s_6.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 105ms
104ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_6.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c562af82db9d8b080006ab0e148911d6e06a7538d537fe0ada31d98408144a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 14:01:42 GMT
date: Mon, 17 Apr 2023 17:51:31 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 964188
x-guploader-uploadid: ADPycdsXL6UFa5cNtecRHb8ksVXkwBzOEJulXFVNioZbDZY3odJkgG8QIK3zlKzHOcirf4USGJ9Usbr005GgMxLIqq0dkw
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1522670
x-served-by: cache-iad-kcgs7200135-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:16 GMT
server: UploadServer
x-timer: S1681753891.360821,VS0,VE96
etag: "726af5b7ff804d29fff63df0df6bc45a"
x-goog-generation: 1652290995993464
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=g6xhWw==, md5=cmr1t/+ATSn/9j3w32vEWg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1522670
accept-ranges: bytes
x-cache-hits: 112, 0

GET
H3 200 s_7.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 34ms
34ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_7.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 06 Apr 2024 08:56:44 GMT
date: Mon, 17 Apr 2023 17:51:31 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 464086
x-guploader-uploadid: ADPycdtJu0fXTCwhG2qHdxS1eWgDWLje8D8jiiruK7J2Fw-2n4uDg9Md2bBO7XG9Zus45NMpECWFUkdOhnijyavuBfUCeFH0y0_8
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47785
x-served-by: cache-iad-kjyo7100041-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753892.577062,VS0,VE25
etag: "ea0b153395311de898b4719520e0562f"
x-goog-generation: 1652291041316804
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=loJ3Uw==, md5=6gsVM5UxHeiYtHGVIOBWLw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47785
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H3 200 s_7.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 406ms
405ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_7.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9cb6ed30b251e4b97ed3f8ed4cab5e913db702397d49c44387cbf61a5bd1aa47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Wed, 10 Apr 2024 18:49:44 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 82907
x-guploader-uploadid: ADPycdvXAZJOhELR1IJbIg-4h_y-iAWGWSlu_3_5v9OvcIup0iB3Yt2ZWQhdBodqKJdWCSSKNnMBOIa7ubADAPUf295jPJCWthFL
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1477992
x-served-by: cache-iad-kjyo7100116-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:17 GMT
server: UploadServer
x-timer: S1681753892.617244,VS0,VE395
etag: "a117edb40d163749f6d1a5103f774849"
x-goog-generation: 1652290997110936
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cZhg5g==, md5=oRfttA0WN0n20aUQP3dISQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1477992
accept-ranges: bytes
x-cache-hits: 10, 0

GET
H3 200 s_8.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 46 KB
47 KB 11ms
11ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_8.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 18:52:32 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1724340
x-guploader-uploadid: ADPycds5-FrCxb99LYcJwNG469YaGGPf9FSKS1Q3A2JOizxOfw_aPpUlvGAKFy3W0tzTY-2kIyMV3M8sgWxUGdW1M6-e5w
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47445
x-served-by: cache-iad-kcgs7200090-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753892.117908,VS0,VE2
etag: "d71ce9fba6a6b5b9ec0d7e1c6c8e03a9"
x-goog-generation: 1652291041501219
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=0eyPmQ==, md5=1xzp+6amtbnsDX4cbI4DqQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47445
accept-ranges: bytes
x-cache-hits: 152, 1

GET
H3 200 s_8.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 111ms
110ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_8.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bb1727e928e3d066824a2329c7ed02c04e08d37d1484adb237a70f2440675ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Mon, 01 Apr 2024 08:33:28 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 897484
x-guploader-uploadid: ADPycdtzFowEem3td5Ye6knXRcCo6M5ghfp3IT6pJSV4XRonplhtpyxGUPY_zc1593pxOHtghMHeXb-_lOKB7xmesWQndYksGvIn
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1515519
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:17 GMT
server: UploadServer
x-timer: S1681753892.138416,VS0,VE102
etag: "1b8489390166b0c6ede357bb9603850a"
x-goog-generation: 1652290997648034
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Z4f7nw==, md5=G4SJOQFmsMbt41e7lgOFCg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1515519
accept-ranges: bytes
x-cache-hits: 110, 0

GET
H3 200 s_9.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 12ms
12ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_9.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 23 Mar 2024 14:37:34 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1653238
x-guploader-uploadid: ADPycdt3UIv9rBJtI6JaNa_Uoe1TSI9WkqD_LCkcD3Im5faGHGCTttEQib0XYfzg3e3mI6BHxToeZ_xBTtVYnlpc3-nWrA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47676
x-served-by: cache-iad-kjyo7100106-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753892.361452,VS0,VE3
etag: "2d6fce07985004e8a1f629229072961a"
x-goog-generation: 1652291041653572
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=PAfcGQ==, md5=LW/OB5hQBOih9ikikHKWGg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47676
accept-ranges: bytes
x-cache-hits: 140, 1

GET
H3 200 s_9.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 105ms
104ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_9.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e4b2151214890e0a7ac5efa36484785c03d4248700f9fca82f03878b06cb9943

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Wed, 10 Apr 2024 03:37:32 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 137640
x-guploader-uploadid: ADPycdshemsG08E109WKbwnw4DpBZRN5YM3j0TLyZm7b5evByQkymwcj68eL-aSnLaUKS0lKbIa12DDcxTiKcnUAjBrRGw
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1527327
x-served-by: cache-iad-kcgs7200048-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:15 GMT
server: UploadServer
x-timer: S1681753892.380000,VS0,VE95
etag: "0783aa90ee132dbce02aedece1be7693"
x-goog-generation: 1652290995479833
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=lH8BfQ==, md5=B4OqkO4TLbzgKu3s4b52kw==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1527327
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H3 200 s_10.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 46 KB
47 KB 11ms
11ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_10.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 18:52:55 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 1724317
x-guploader-uploadid: ADPycds9MR6wkj64VojwbiCg3PK5DL0EI4yGd-IzUB_64oJH9PRNB9w2k0jIMGHzK6ckMGYU9fVmURCIPr_1UDbW2Smmvg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47511
x-served-by: cache-iad-kiad7000070-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:01 GMT
server: UploadServer
x-timer: S1681753893.754243,VS0,VE2
etag: "5d9daf571947cb12600ffe8f1dfc1312"
x-goog-generation: 1652291041828067
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=sCXLiA==, md5=XZ2vVxlHyxJgD/6PHfwTEg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47511
accept-ranges: bytes
x-cache-hits: 112, 1

GET
H3 200 s_10.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 121ms
120ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_10.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6202fdcba1218494bc4513a8742609aacd0a9da3f542ddf5db8e6feeb4ad340c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Tue, 02 Apr 2024 23:30:41 GMT
date: Mon, 17 Apr 2023 17:51:32 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 757252
x-guploader-uploadid: ADPycds0wGhYj7HEnigM0ZhTvD9McNhOf7tfeXlp-tV8gN2KYUZmoXkJNVfjhFL4UpE5d-Rm1qL_3k5bPwJaoLpoqULAHiNiS__V
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1492354
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:07 GMT
server: UploadServer
x-timer: S1681753893.769903,VS0,VE112
etag: "eb3e7cd9ed5f35444fa4a4cd326be4ff"
x-goog-generation: 1652290987164558
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=A6crAw==, md5=6z582e1fNURPpKTNMmvk/w==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1492354
accept-ranges: bytes
x-cache-hits: 86, 0

GET
H3 200 s_11.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 47 KB
47 KB 12ms
11ms XHR
audio/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_11.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 10:02:54 GMT
date: Mon, 17 Apr 2023 17:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 2015320
x-guploader-uploadid: ADPycdvXoiEuwraLWaWFGhVwAtj0smvWEFuqUaL7Ee7cwa3aLl_YekWH6Syp6iflDMIX41dTzbhOET54yQDaEQ3-7VYvfg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47759
x-served-by: cache-iad-kjyo7100111-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:44:02 GMT
server: UploadServer
x-timer: S1681753894.360616,VS0,VE2
etag: "60d7b622ce800c68e5b6d0072cf4f012"
x-goog-generation: 1652291041985224
content-type: audio/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cg8TlQ==, md5=YNe2Is6ADGjlttAHLPTwEg==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47759
accept-ranges: bytes
x-cache-hits: 111, 1

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 20ms
19ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:34 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 20ms
20ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 17:51:34 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
78 B 118ms
117ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 17:51:34 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H3 200 s_11.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 1 MB
1 MB 111ms
110ms XHR
video/mp4 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_11.m4s
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?voltrk=1&cep=VJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs&lptoken=167e81f375bc56038709&a=2104&s1=NW_WL&s3=v10_sE26&s4=irollie
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4e02209fb4ef1df1c689025b232f23cf95f58e8f7ccd05e4f04e1df99441158f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Wed, 10 Apr 2024 18:49:46 GMT
date: Mon, 17 Apr 2023 17:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-cdn: 5
age: 82908
x-guploader-uploadid: ADPycdund22cmsLCFQqNYwikit7MlCifdmwAf_Ox6nfp_9pwMNyd79EM-_WI6HmeadSZ8M0vn16qNgFs08sS41403H4fDA
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1366977
x-served-by: cache-iad-kiad7000134-IAD, cache-fra-eddf8230047-FRA
last-modified: Wed, 11 May 2022 17:43:12 GMT
server: UploadServer
x-timer: S1681753895.667680,VS0,VE99
etag: "4743b5864204b758195122a524f16d69"
x-goog-generation: 1652290992346452
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=i2Mg0g==, md5=R0O1hkIEt1gZUSKlJPFtaQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=31104000
x-goog-stored-content-length: 1366977
accept-ranges: bytes
x-cache-hits: 8, 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=45je34c0&_p=216466619&cid=1091778365.1681753889&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fvoltrk%3D1%26cep%3DVJzlZ7XfrCLAbcTntrxC5OETcN8GBlpiWAXEplTCRLvRlY4dY4ms3MTT0Z1ilkNdGR6ykigb0MGly-ztqpwxg8lcj68vbZC0B3Xt4ZgqmptHa4M_N7Yzf2yUvYIT3tipEQNqH7ZS8Fo5ex2Lsyra0r7e_z3XwQEW22gWiHh_7fvxyUv1N7gM1QnNx-0Gd__uIVdal3c5ytI4I6orGMJ8y4fJnLS_GuvTD2chS6mXH1LJ91_PhmhhvsrI6NJgFcK6Ap3QcuhpePugwZJFOHXinsNqcoO3hk2dSVI_Tq-yf4PdhE3SUKgc3kXrfl6gbsCFc3Dzs-78gMLD6nESUwN4TahPGLh3uJdrDyQf7c23cNHLAZVDZjIPEY9ZN7ElXIf2mRT6McJAaMeGKTSqeEi4I6luEBd9uaQep_VnPWPmgLJdxeeE7FFzWRyuous8lBgZ62awhsqm--CgT6El72FV7iTh33dzRxqMMJACs9mWZrs%26lptoken%3D167e81f375bc56038709%26a%3D2104%26s1%3DNW_WL%26s3%3Dv10_sE26%26s4%3Dirollie&sid=1681753888&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://floraspring.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 17:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.truthaboutabs.com/	1970-01-20 11:09:57	Name: _session_id Value: e4b17961800e12707ea758773a03d4a3
.treach-tutters.com/	1970-01-20 11:10:40	Name: 531b55b2-6106-4265-929d-17563ec0c13d-v4 Value: Qy6HFFGyUlhCyEXKobGelCrHPn7qJn55vtTclaE3EMo
.treach-tutters.com/	1970-01-20 11:10:40	Name: cep-v4 Value: al3WIMyKuRFiDZnuSEsCCK7HjE7sqWKs7aOSQ9cAJbjjzN_enLYgYsRXDymKtmhjTkp9ZmOXl9_uCbOj18LXR2Zq7TJvR_nExh4uNhNSz2KGwWzOk9CMJ9RWTBh_S0gVuVLKegQPvAVNdKHWJDjf_j9BK0II15YT8F66XFy3vEepM4m6IovqwZ-rrHodVd_-Yy7av63Byni96D2nV1oJ8t2l-3GlN4CwxpECENWxia_ORkwL2jcl1A1UCcc1-_BKEbXfGyg15TUrPqsc_sGkA4XbMfPy6F6xhFwPeMJtAdlJvS3jWB9VFc8149wg02Rm4_nO98c4B2Bv2xgzL00w5BVUU4z5bm51AnYdyYkxD-VjO86QoNifndC_d-kqAyAKxCOtHoO4__uejMua4ZtuMme7JOgZz9tq8GoKUEzF1irWYrgrZaPDtmBliLZW_7qCJ4Nt5IAWgfOTFgw499yrg1Nhfc9-LSy949n9ShoPJ2I
floraspring.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hb17v3nfp09aq6bpdhcm9jmnvc
floraspring.com/	1970-01-20 12:14:01	Name: affid Value: 2104
floraspring.com/	1970-01-20 13:18:49	Name: fraff1 Value: yeahaff20
.floraspring.com/	1970-01-20 13:18:49	Name: _gcl_au Value: 1.1.1818830292.1681753889
.floraspring.com/	1970-01-20 11:10:40	Name: _gid Value: GA1.2.277881799.1681753889
.floraspring.com/	1970-01-20 11:09:13	Name: _gat_UA-113385709-1 Value: 1
.floraspring.com/	1970-01-20 20:45:13	Name: _ga Value: GA1.1.1091778365.1681753889
.mfadsrvr.com/	1970-01-20 20:45:13	Name: tuuid Value: 9bd668a1-12bc-4a36-9b72-e93aa7d84e75
.mfadsrvr.com/	1970-01-20 20:45:13	Name: c Value: 1681753888
.mfadsrvr.com/	1970-01-20 20:45:13	Name: tuuid_lu Value: 1681753888
.floraspring.com/	1970-01-20 11:10:40	Name: _uetsid Value: 7b0069c0dd4811edb0a6492bc625c577
.floraspring.com/	1970-01-20 20:30:49	Name: _uetvid Value: 7b00b520dd4811ed9abf0b36d4913b29
.bing.com/	1970-01-20 20:30:49	Name: MUID Value: 2D13A5D23A4460802BB0B7243BE861F4
floraspring.com/	1970-01-20 11:10:40	Name: vl-cep Value: cep=aO0KXpEM4TMTJ7z5YX6HOs9rIXg4jLSNQYw0B-gRbGf0Qcswnqg-HtaOLaa6cRb7uR_hvDwRjD5kL_og1FMohiImgw1XyFJ5Th8XGFO2Cg0UEA9k08MhFBG-5I5UnQgR61k1AIXCD9fxZmETSLLn-0ENXHv_iN87dVkTYb7roAmLCeDMt_8YorClNag3i7yCVdNV5yf3kwqBCyUYNl8By6rdonUGhLHY7Hxvw5qeyDhJsZrj7roH5N5wkDvu_hAXjKwOB2HWUVCGulDF4-rkqArje7eb8chzs5RGZAGdgZJv63digOM-SBYWnWb4BeuFz6-djNhJUaOJ0LiP63ud_76UvVD9jxkV4hlj_Uu3pdJKw3rOXd6UZ_HWbD4-WCjnF2ppvdN2lZxg4c_C4iy_6gFgJvcDd25CYWijJvrfchaCGRqEB2TM4hHZjbV3MCiU1xByMCbyhY0zXhFiPAQl89SFrVu1bzQ0wVQuxPwVnsg
.criteo.com/	1970-01-20 20:30:49	Name: uid Value: c922b054-911b-49d0-93b1-cdd26b74075a
.floraspring.com/	1970-01-20 13:18:49	Name: _fbp Value: fb.1.1681753889209.1548130425
floraspring.com/	1970-01-20 20:45:13	Name: bitmovin_analytics_uuid Value: 9a668a1f-231d-44a0-adef-674dfff04af0
.floraspring.com/	1970-01-20 20:38:37	Name: cto_bundle Value: gwzbxl9hMXNON3ZTY1ZNM1RqenhCQ0hLYWFhbEZ2Qmppdk01TkdDVG03YzY1d0xzc25OdGNWMmRFOWwwQk1aSjZFekZZeThoNU45OW1jT0lXeFp0R1BVQVdXOVMlMkZ4Z0FDRjZqdkslMkJDeWVHbjZRN1NQbmRtbGpKS2d6dU9ndXFMbVFDdkQzT2Ewb2hIQ2IxVmhZOG8lMkJmTDJLbUElM0QlM0Q
.quantserve.com/	1970-01-20 20:39:28	Name: mc Value: 643d8721-8b319-7863e-76fff
.floraspring.com/	1970-01-20 20:33:42	Name: __qca Value: P0-1353968974-1681753888931
.mfadsrvr.com/	1970-01-20 20:45:13	Name: ssh Value: !sovrn,1681753889
.floraspring.com/	1970-01-20 20:45:13	Name: _ga_JM1YLT9HG3 Value: GS1.1.1681753888.1.0.1681753890.58.0.0
.doubleclick.net/	1970-01-20 20:30:49	Name: IDE Value: AHWqTUlUwjqSkfDMKpZ-KQ_jkC7XRxnTEAs90VOFt9RskyaHDTLLxro-2yHybTn7qWY
.bidswitch.net/	1970-01-20 19:54:49	Name: tuuid Value: c45e6ac6-52af-4eb3-be0d-f452fa764fda
.bidswitch.net/	1970-01-20 19:54:49	Name: c Value: 1681753890
.bidswitch.net/	1970-01-20 19:54:49	Name: tuuid_lu Value: 1681753890
match.sharethrough.com/	1970-01-20 11:19:18	Name: AWSALBCORS Value: XMeYcle9WM/Lja5f8C04cpb4tgMD6FE1JufHFcNgr1IE2TnxQvmctxCs8aOuLUFfwiQTUJ+fuEYfQzq4cRWes9prLKzi3Px15YvNzXlN7e57A8Gd8832Ko7KNpE6
.adnxs.com/	1970-01-20 13:18:49	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>4hG?c9!]tbPl@/D!9hy6]/Cr+p32H+*msPUuhg:b/e4ny[cgdlt4sd8(24=723ZyR!5>xCE>li2]`yW[5%nugO%v4VB%nrrI+w>Tu
.adnxs.com/	1970-01-20 13:18:49	Name: uuid2 Value: 3131620286781372695
.media.net/	1970-01-20 19:54:49	Name: visitor-id Value: 3247554909171943000V10
.media.net/	1970-01-20 11:52:25	Name: data-c-ts Value: 1681753890
.media.net/	1970-01-20 11:52:25	Name: data-c Value: k-D8YJyuOrYnGq6t8xvPIduuPuq6nP2xUec8QjaQ~~3
.id5-sync.com/	1970-01-20 11:09:14	Name: cf Value:
.id5-sync.com/	1970-01-20 11:09:14	Name: cip Value:
.id5-sync.com/	1970-01-20 11:09:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:09:14	Name: car Value:
.id5-sync.com/	1970-01-20 11:09:14	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:09:14	Name: callback Value:
.demdex.net/	1970-01-20 15:28:25	Name: demdex Value: 48463794688040836703505647054560180091
exchange.mediavine.com/	1970-01-20 11:29:23	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%227bce87f0-dd48-11ed-8548-0f7fa63048db%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:29:23	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227bce87f0-dd48-11ed-8548-0f7fa63048db%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:29:23	Name: am_tokens Value: %7B%22mv_uuid%22%3A%227bce87f0-dd48-11ed-8548-0f7fa63048db%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:29:23	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227bce87f0-dd48-11ed-8548-0f7fa63048db%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:29:23	Name: criteo Value: %7B%22id%22%3A%22k-7Wd8LeOrYnGq6t8xvPIduuPuq6nwS7jZwR96QA%22%2C%22version%22%3A%22criteo%22%7D
.yahoo.com/	1970-01-20 19:55:11	Name: A3 Value: d=AQABBCKHPWQCEFnEEv2SGDR7XVFcRs-np7wFEgEBAQHYPmRHZAAAAAAA_eMAAA&S=AQAAAhJLiyRD3Sl16L5Z9pJjvS4
.analytics.yahoo.com/	1970-01-20 19:54:49	Name: IDSYNC Value: 18zh~2b55
.pubmatic.com/	1970-01-20 11:52:25	Name: KRTBCOOKIE_97 Value: 3385-uid:k-vcFrPOOrYnGq6t8xvPIduuPuq6lLfcRRuvzKKQ&KRTB&23144-uid:k-vcFrPOOrYnGq6t8xvPIduuPuq6lLfcRRuvzKKQ&KRTB&23286-uid:k-vcFrPOOrYnGq6t8xvPIduuPuq6lLfcRRuvzKKQ&KRTB&23287-uid:k-vcFrPOOrYnGq6t8xvPIduuPuq6lLfcRRuvzKKQ
.pubmatic.com/	1970-01-20 11:52:25	Name: PugT Value: 1681753889
.360yield.com/	1970-01-20 13:18:49	Name: tuuid Value: 12a7673b-72e8-4cd2-8213-d9b8d0a0ede9
.360yield.com/	1970-01-20 13:18:49	Name: tuuid_lu Value: 1681753890
.360yield.com/	1970-01-20 13:18:49	Name: um Value: !38,jfp16LU0aXEl2Gs91kUTVQ.Pfog4oVBglbGnLdRHKRFKKsuAm6e4VIXkR7j8f55zstoMcAui,1689529890
.360yield.com/	1970-01-20 13:18:49	Name: umeh Value: !38,0,1743961890,-1
.dpm.demdex.net/	1970-01-20 15:28:25	Name: dpm Value: 48463794688040836703505647054560180091
.tremorhub.com/	1970-01-20 19:55:10	Name: tvid Value: caa5ebdbef8b4c719be8e2d3c8a50907
.tremorhub.com/	1970-01-20 11:52:25	Name: tv_UICR Value: k-9u5treOrYnGq6t8xvPIduuPuq6nbpcMtHAUmBg
.krxd.net/	1970-01-20 15:28:25	Name: _kuid_ Value: PgFR2N_Q
.casalemedia.com/	1970-01-20 19:54:49	Name: CMID Value: ZD2HIkYmfRAL4JYCR74adAAA
.casalemedia.com/	1970-01-20 13:18:49	Name: CMPS Value: 1194
.casalemedia.com/	1970-01-20 13:18:49	Name: CMPRO Value: 1194

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
analytics-ingress-global.bitmovin.com
bat.bing.com
beacon.krxd.net
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
floraspring.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
licensing.bitmovin.com
links.truthaboutabs.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.quantserve.com
pixel.rubiconproject.com
quick.vidalytics.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.mfadsrvr.com
rtb.mfadsrvr.com
rules.quantcount.com
s.thebrighttag.com
s3.amazonaws.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
stats.vidalytics.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
treach-tutters.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
107.178.211.97
141.226.228.48
149.28.34.111
151.101.1.91
162.19.138.83
172.217.16.194
178.250.7.11
178.250.7.13
18.192.108.151
18.203.73.89
184.30.24.22
185.255.84.152
185.64.189.110
185.80.39.216
185.86.138.151
2.22.155.103
2.23.197.36
2001:4860:4802:34::36
216.52.2.39
2600:1901:0:df23::
2600:1f18:612b:4280:b7e4:703:4793:ce15
2600:9000:223c:6400:6:44e3:f8c0:93a1
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c07::9c
2a02:2638:3::3
2a02:2638:d::d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.44.180
3.123.175.18
3.130.203.157
3.67.205.213
3.75.62.37
34.117.157.22
35.156.206.68
35.158.28.31
35.190.27.197
35.238.129.105
37.157.3.30
37.252.171.22
37.252.173.215
52.211.68.60
52.217.105.158
54.154.173.64
54.77.251.116
69.173.144.138
70.42.32.127
74.119.119.150
76.223.111.18
85.215.5.31
021a49ce08e0220356b9875ad59dd99b126e8e24d01df205919e4d5e6a3b2651
0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9
05669f6021b27b1343d566e296264c8311dc89fb5199de61b983d59d97c13d42
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0fb819ab3895940a9f1f009d6413723d7666f84195c09b2485c9a750b627e081
1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b
1525d309743634d1e6d47fda69f98e750485cbbffb3d0539f849e1b1cce1d24d
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662
1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0
27736a2d115a9af0a0692cb562dccca0615258de0ca24102e8c90d24b1c9f276
297419996bdc9dd8998d9b21244fdca2feb386d0681543b5fcc10511d92b2b50
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e8b99a2574c4748d63c313657e192faaf6be39a42d38868f0d2eb8c5e8a374
37d1d818e031f1762b00e3a53170580e4aaa448dcb34a34d1f865dcf84038da3
3ddc70311a348318343800efc5ae331b7c559d57f73a233a26a19325d0d29bea
3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af
411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6
4e02209fb4ef1df1c689025b232f23cf95f58e8f7ccd05e4f04e1df99441158f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57b04a5b9fa8c77ceb14fffc791db876e27cb93887de9e9f45430e3be51777d2
58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597d02d4f5a05cc796f278969cc5ae9a48262787ae2f6bbbb8e0c45425015bcf
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5
5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b
6202fdcba1218494bc4513a8742609aacd0a9da3f542ddf5db8e6feeb4ad340c
6d1eadaea40a2f254cd8467e61254c36f506788d237ab6cb64cb575a5b7aab0a
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9
7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc
7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337
807a6b0d8e78e705b80e119e889c5f3749fa8187a553300e63d678de36b80343
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0
9cb6ed30b251e4b97ed3f8ed4cab5e913db702397d49c44387cbf61a5bd1aa47
9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16407d197ce52d3cbccd4e4d63ea01b6c9e6159af4ea021e728c1b3216a9479
a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab9cf176aff145f388add98d5acd8b9dd3ba58e7603439e4ab8eb0457a5e4d7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b552c41452c73a75231ffb2bc6d7e14a6182e0d1e1800f68753e8f6d6e67ed50
b57ec36b8c0197cb51e5c02be2f2262ca7043867889f482275ef9b5e209b36a6
b6dbdd4656483b17e06e45f35c609c203a7d3ae3042d29490c17c091fe5d4b2c
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2
ba014cd60f64ed0c76bde747b1cb6c8e82e809bf3330cd8b73885f50e170df39
bb1727e928e3d066824a2329c7ed02c04e08d37d1484adb237a70f2440675ae9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c562af82db9d8b080006ab0e148911d6e06a7538d537fe0ada31d98408144a2a
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce393603cb15180fdcf9a370abd6637b3f36e200696ac06fdf4031e43fa5da58
cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a
e4b2151214890e0a7ac5efa36484785c03d4248700f9fca82f03878b06cb9943
ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc301d09208db103d96a40b70934b55ff649ca91802415fe18542deb2465a49
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a
fa4339bbacfb4be2bb3e9b887570ab0b61acb8e9036c459da1f042ac0f7dc5a3
ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343

floraspring.com Open in urlscan Pro 149.28.34.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

89 %HTTPS

30 %IPv6

47 Domains

59 Subdomains

53 IPs

10 Countries

18054 kBTransfer

20815 kBSize

62 Cookies

4 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

floraspring.com Open in urlscan Pro
149.28.34.111 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

89 %
HTTPS

30 %
IPv6

47
Domains

59
Subdomains

53
IPs

10
Countries

18054 kB
Transfer

20815 kB
Size

62
Cookies

122 HTTP transactions
2 data transactions